Get started on your Homeland Security Degree at American Military University.
By Susan Hoffman
Note: This article is part of a university series for National Cyber Security Awareness Month in October. This week’s theme is STOP.THINK.CONNECTTM: Simple Steps to Online Safety.
Over the past decades, technology has developed and become more powerful, forcing cybersecurity to evolve along with it. Hackers have progressed from mere phone phreaking, worms and viruses to ransomware attacks and highly sophisticated hacks on high-profile targets, such as:
- The National Health Service (NHS)
- Lockheed Martin
- RSA Security
- Verizon Enterprise Solutions
- Internal Revenue Service (IRS)
- Federal Deposit Insurance Corporation (FDIC)
The motivations for these hacks vary. For instance, hackers are motivated by revenge, bragging rights, “hacktivism,” financial gain or even espionage. Other hackers may have ethical reasons for their hacks; they may be doing penetration testing for an organization to assess its cybersecurity vulnerabilities.
For victims – especially the high-profile ones – the hacks result in the loss of important data and records, public humiliation on a national or worldwide scale, and a massive loss of customers. Also, the hacker’s victims lose significant money through lawsuits, the cost of replacing lost data and less income from consumers who decide to take their business elsewhere.
Top Concerns of Business and Consumers Involve Cybersecurity
Cybersecurity definitely worries both businesses and consumers. According to a September 2016 Security Magazine article, cybersecurity is one of the top issues among business owners. Those concerns also include:
- Medical cost inflation
- Rising employee benefit costs
- Cyber, computer, technology risks/data breaches
- Legal liability
- Attracting and retaining talent
The Security Magazine article also mentions that the impact of cybersecurity hacks is among the top fears of consumers, who are most worried about:
- Financial concerns
- Personal safety concerns
- Personal privacy loss and identity theft
- Transportation and travel
- Cyber, computer and technology risks/data breaches
How Can We Create Stronger Protection from Cybersecurity Hacks?
With the massive number of desktop computers, servers, laptops, smartphones and tablets in use, it may not be possible to protect every device and network. But there are some steps that organizations can take to protect themselves:
- Education and training for all employees from C-level to front-line workers. Everyone in an organization – especially organizations that deal with valuable personal data or money — needs to know how to create secure usernames and passwords, recognize hacking attempts and how to deal with them.
- Improved communication skills for internal cyber experts. While some C-level executives and managers might be unwilling to finance more cybersecurity protection, cybersecurity experts must find the words to persuade them of the urgent need for better security. Otherwise, more breaches will occur and more companies and customers will suffer the consequences of security breaches.
- More use of cybersecurity insurance in the marketplace. According to the Department of Homeland Security (DHS), “a robust cybersecurity insurance market could help reduce the number of successful cyber attacks by: (1) promoting the adoption of preventative measures in return for more coverage; and (2) encouraging the implementation of best practices by basing premiums on an insured’s level of self-protection.”
- Harnessing the benefits of technology improvements. For instance, biometric technology – such as iris scans or facial recognition software – has become increasingly popular as a method of identifying and authenticating computer users. Cybersecurity experts and security consultants can also suggest technological ways to improve organizational security.
Ultimately, the best cybersecurity protection comes from human behavior. Whether that’s a board of directors who decides to set aside money for strengthening firewalls or quick-witted employees who recognize and prevent a hacking attempt, human behavior often makes the difference between a successful or unsuccessful hack.