Dealing With Common Cybersecurity Threats

Dealing With Common Cybersecurity Threats

February 27, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

Employees are often cited as the biggest cybersecurity risk, usually due to lack of awareness. It follows that the best way to guard against cyber attacks is to know common threats and how to deal with them. A recent post on the Open Access Government website (https://www.openaccessgovernment.org/employees-cyber-security-risk/57043/) does just that. Here is their list of threats and defenses:

Phishing: According to Symantec 71% of targeted attacks start with phishing scams. Know the telltale signs: not being addressed by name, typos or spelling errors, suspicious email addresses, offers “too good to be true” (they usually are). Do not open links or attachments if not from a trusted source. If in doubt, call the sender or inform your security administrator.

Using unsecured networks: Unencrypted data could be accessed by criminals. Viruses and malware can enter the network leading to denial of service attacks. Symantec has seen an 8500% increase in coin miner malware recently. Using a virtual private network (VPN) will encrypt data and protect users.

Storing sensitive data: Avoid storing protected information on portable devices or taking printouts off-site. Staff must be trained on approved access to personal data, storage and destruction or deletion when no longer needed. Strong passwords are needed for logins and sensitive documents.

Illegitimate apps and programs: They probably contain malware. They can steal data, leak mobile numbers and infect other network devices. Only download apps from official stores and research before installing.

Failure to update software: Updates and upgrades improve security. Hackers and threats are constantly evolving; updates help keep security current.

The Internet of Things: Attacks increased by 600% in 2017 according to Symantec. When mobile devices are connected to a network, a virus can contaminate the entire network. Employees should be trained on which Wi-Fi networks are suitable for downloading apps. A private network for IoT devices is recommended. Devices should have a secure password and be disconnected from the Internet unless needed. Use a strong firewall and firmware protection.




About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.