Lessons in Internet security for businesses
Following the criminal hacking of South Carolina taxpayers’ information, businesses are asking what they have to do to protect themselves from hackers. While most organizations have network security that include firewalls, that may no longer be adequate; an experienced hacker can break through a firewall fairly easily. More security, knowing who is vulnerable to hacking and how the hackers operate can help.
Know your areas of vulnerability
What can you do to beef up your security to protect against these crimes?
First, be scrupulous about monitoring Internet security, remembering that compliance is NOT synonymous with security. Just because you may be in compliance with requirements for security measures, doesn’t mean you have any real security in place. Most organized crime hackers are ahead of of the game. These criminals target business and government, both of which are vulnerable to being hacked, especially since hacking into business and government is a priority of cyber criminals.
Second, all computer information needs to be closely monitored to keep the hackers from using employees to access private information through emails, social networks, passwords, etc.
Taking preventing steps to protect your business
While nothing in cyberspace is foolproof, taking certain measures to improve company security can make a difference in the constant battle to protect secure, sensitive information from hackers. Money spent to beef up security is a worthwhile expense. Having someone onsite who is in charge is imperative for protection from hackers. We recommend businesses take the following steps:
- Improve internal and physical security (cloud servers, vendors, and the company’s own sites)
- Plan defense measures in the event of a hack
- Rapid detection (South Carolina’s delay in discovery and notification was detrimental)
- Careful monitoring of employees and systems
- Contract a security provider
Of course, Cyber Risk insurance is a critical part of the equation in protecting any governmental entity or private business against cyber crime.
If you are hacked, timing is critical. The incident in South Carolina illustrates that point. The time between when the actual hacking took place to when notification was made was due in part to the state’s inability to discover the hacking themselves—the Secret Service made the discovery.
Source: “Protect Data from Lurkers and Hackers,” COLUMBIABUSINESSMONTHLY.COM, December 2012.