Cybersecurity-Protect Your Business, Tomorrow
A CIFFA Member to Member Webinar on Cybersecurity – “How to Protect Your Business, Tomorrow”, was held June 28, 2022, offered as follow-up to the 10 Best Cybersecurity Practices paper created by CIFFA’s Technology Committee.
A panel of seasoned professionals provided expert advice and best practices on how to protect your business – both before and after a cyber attack.
Many cyber attacks succeed because attackers spot a security vulnerability and exploit it, for example by brute-forcing a password, eavesdropping on communications, extracting personal information through phishing, or through many other means.
Moderated by Drew Simons – Principal, Roxville Technology Inc., webinar panelists included John Berry – SVP of Information Technology, OEC Group, Shawn Davidson – President, Trapp Technology, Ashish Mathur – Global CIO, ECU Worldwide, and Aadhar (Ady) Sharma – Vice President, AON.
According to Trapp Technology, today's most common threats and attacks include:
- social engineering (exploiting human error);
- phishing, a type of social engineering in which the attacker sends a fraudulent message designed to trick a person into revealing sensitive information, or into deploying malicious software such as ransomware on the victim's infrastructure;
- vishing, phishing carried out over the phone or by voice message: the call appears to come from a trusted source but does not, and the goal is to steal someone's identity or money;
- smishing, phishing carried out over mobile text messaging (SMS phishing);
- ransomware (for example CryptoLocker);
- distributed denial of service (DDoS), in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites;
- brute force attacks, which use trial and error to guess login credentials or encryption keys, or to find a hidden web page;
- man-in-the-middle, in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. It is a form of eavesdropping in which the attacker intercepts, and can then control, the entire conversation.
Drive-by downloads occur when an attacker creates a vector for malware delivery (an online message, an ad, or a download of an otherwise legitimate program) and the victim interacts with that vector, for example by clicking a deceptive link.
The most common ways ransomware enters an organization are an e-mail link (31%), an e-mail attachment (28%) and a website or web application (24%); the remainder is unknown (9%), social media (4%), USB stick (3%) and business application (1%).
As guidance, unsolicited emails should not be trusted, and funds should not be sent to anyone who requests them by email, especially not before checking with leadership. Spam should always be filtered, and antivirus, firewall and detection software should be installed and kept up to date.
Never click on unknown links in email messages.
Also, beware of email attachments. If you get one from what looks like a friend, contact them independently to ensure that they actually sent it.
Slow down. Attackers want you to act first and think later. Never let someone's urgency override your careful review of the situation. Delete any request for information that seems suspicious; do not reply to or forward the message.
Any email that unexpectedly asks you to change your password or payment information could be a scam (phishing) and must be verified through another channel of communication. Phishing is one of the most successful forms of social engineering attack in use today.
Government agencies and financial institutions will never contact you by email to request private information.
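The guidance above can be turned into a first-pass triage check. The following Python script is an added example, not material from the webinar or from any of the panelists: it parses a constructed phishing e-mail and flags the patterns the guidance warns about (a Reply-To domain that differs from the From domain, links whose visible text names one domain while the href points at another, urgency language, and requests to change passwords or payment details). The sample message, the phrase lists and the crude registrable() helper are all assumptions made for this example.

```python
"""Heuristic phishing triage (added example, not from the CIFFA webinar).

The sample message below is constructed for this example; the phrase lists
are illustrative and would be tuned to an organisation's own mail flow.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser

# Illustrative phrase lists (assumed, not an authoritative detection set).
URGENCY = ("immediately", "within 24 hours", "urgent", "account will be suspended")
CREDENTIAL_REQUESTS = ("change your password", "update your payment", "confirm your banking")

# Matches a bare domain or an http(s) URL and captures its host.
HOST_RE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/?#].*)?$", re.IGNORECASE)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs and all visible text from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self.text_parts = []
        self._href = None
        self._anchor_text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._anchor_text = []

    def handle_data(self, data):
        self.text_parts.append(data)
        if self._href is not None:
            self._anchor_text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._anchor_text).strip()))
            self._href = None


def registrable(host):
    """Crude eTLD+1 (last two labels). Use the Public Suffix List in production."""
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:])


def host_of(text):
    """Return the host if the text looks like a URL or bare domain, else None."""
    match = HOST_RE.match(text.strip())
    return match.group(1).lower() if match else None


def triage(raw_message):
    """Return a list of (finding_code, detail) tuples for the message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # 1. Reply-To pointing at a different domain than the visible sender.
    from_domain = parseaddr(msg["From"] or "")[1].rpartition("@")[2].lower()
    if msg["Reply-To"]:
        reply_domain = parseaddr(msg["Reply-To"])[1].rpartition("@")[2].lower()
        if reply_domain and registrable(reply_domain) != registrable(from_domain):
            findings.append(("reply-to-mismatch", f"From {from_domain}, Reply-To {reply_domain}"))

    # 2. Link text that names one domain while the href goes to another.
    body = msg.get_body(preferencelist=("html", "plain"))
    parser = LinkExtractor()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        href_host, text_host = host_of(href or ""), host_of(text)
        if href_host and text_host and registrable(href_host) != registrable(text_host):
            findings.append(("link-mismatch", f"shows {text_host}, goes to {href_host}"))

    # 3. Urgency and credential/payment-change language in subject and body.
    visible = ((msg["Subject"] or "") + " " + "".join(parser.text_parts)).lower()
    findings.extend(("urgency", p) for p in URGENCY if p in visible)
    findings.extend(("credential-request", p) for p in CREDENTIAL_REQUESTS if p in visible)
    return findings


# Constructed sample message for this example (all domains are fictitious).
SAMPLE = """\
From: "Bank Support" <support@secure-bank-login.example>
Reply-To: verify@mailer-collect.example
To: accounts@example-freight.example
Subject: Action required: confirm your payment details
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your account will be suspended within 24 hours.</p>
<p>Please <a href="http://secure-bank-login.example/verify">update your payment details here</a>
or visit <a href="http://secure-bank-login.example/portal">https://www.bigbank.example/portal</a>.</p>
</body></html>
"""

if __name__ == "__main__":
    for code, detail in triage(SAMPLE):
        print(f"{code}: {detail}")
```

Any finding is a reason to verify through another channel before acting; the script is a prompt for a human review, not a replacement for spam filtering or a mail gateway.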
Cyber insurance: what’s its role?
According to AON, the role of cyber insurance is to help protect an organization with pre-breach assessments, access to pre-vetted vendors, and cyber security information. Assistance can be provided via forensic investigators, legal services, credit monitoring, call center services, crisis management and public relations.
Proper insurance enables a business to return to operation, accounts for the loss of revenue, income and turnover, and covers the costs incurred to recreate or restore data and information.
Insurance can also mitigate legal costs and damages from claims alleging privacy breach or network security failure.
Cyber insurance can offer coverage for items such as breach event expenses, for example reimbursement coverage for the insured’s costs to respond to a data privacy or security incident.
Policy triggers vary but are typically based on discovery of an event, or a statutory obligation to notify consumers of an event.
Insurance can also cover digital asset restoration, cyber extortion, network business interruption, system failure, dependent business interruption, dependent system failure, privacy and network security liability, privacy regulatory fines and penalties, media liability, and PCI fines and penalties.