Tom Bowles and Taher Hamid spoke recently at a seminar with a focus on security. The group in attendance learned the most recent statistics about security breaches, vulnerabilities, and trends in cyber attacks.
Watch part one of our two-part series below.
Why is security important?
The challenge today is to stay ahead of hackers, but with 350,000 new malicious programs introduced to the Internet every day, programs like ransomware are costing businesses more than $75 billion per year, with nearly 70% of those funds unrecoverable.
What is lurking out there?
Hackers are constantly upping their game, which is why security measures are always being improved and strengthened.
Physical safeguards all businesses need:
The Human Condition
Humans are the weakest cybersecurity link; in this regard, humans are unpredictable and apt to failure and forgetfulness. A layered approach to security is insufficient if ongoing training with a focus on employee security isn’t included.
Traditional physical security layers are designed to prevent opportunities for human error, with the average SonicWall customer avoiding 900 attacks per year by TLS/SSL encryption – that’s 900 blocked human errors!
TotalSafe: A Three-Layer Approach
“Every layered security strategy must include something to protect personnel from their own mistakes.”
The majority of successful malicious attacks start with a human unknowingly providing system access and could otherwise have been prevented with education and training.
Tom and Taher dove into two-factor authentication, password protocols, and best practices, and the importance of providing training to employees so everyone knows what to watch for to avoid causing the next data breach. Ongoing training is the best way to ensure all cybersecurity protocols are followed and the information is protected from operator error.
Since internal elements, like employees, are the primary cause of many cybersecurity incidents today, the importance of detection systems that monitor internal security issues is critical:
Separate from employee training, internal network detection monitors for access to data at odd times, saving sensitive data to external resources or devices, or accessing others’ devices remotely.
These efforts to detect threats include monitoring for:
The dark web is enigmatic and complex, primarily because it exists in the part of the web not indexed by web search engines and requires specific software or authorizations to access.
Perhaps unsurprisingly, all data inevitably ends up on the dark web, which also happens to be criminals’ favorite place to lurk in hopes of discovering easy – and cheap – access to personal information that can be used to hack into accounts and steal sensitive data.
How do you know if you currently have data on the dark web?
Tom and Taher talked about Alltek Services and Dark Web Protection that can scan and find any information connected to a domain and provide a detailed report of all information easily accessible on the dark web.
This ongoing service monitors real-time activity for immediate notification to ensure passwords can be changed and the information is protected, as part of the Alltek Services TotalSafe Platform:
The primary takeaways from Tom and Taher in the Security Seminar: