The executive order released Feb. 12, 2013, by the White House on improving critical infrastructure in many ways confirms cyberattacks have become a serious threat to national security.
While the order’s focus is on protecting critical infrastructure, such as power grids and hospitals, private sector companies also should take cyberattacks seriously.
“Business owners will lock their cars and protect their homes in sophisticated ways but won’t protect the most critical area, which is where their data sits,” says Pervez Delawalla, president and CEO of Net2EZ. “Because it’s not happening in front of us, but in the cyberworld, many tend to not pay attention.”
Smart Business spoke with Delawalla about cybersecurity, the threats that exist and how companies can protect themselves.
What are the threats?
The biggest threat facing our digital information is foreign governments trying to penetrate our systems for intelligence from which economic value can be gained. A great deal of proprietary information, such as designs and ideas for new products, is being stored on company servers. If that information were extracted, it could offer a competitive advantage.
The common thought used to be that a cyberattack would result in a company’s website going down. A hacker looking to make a name for him or herself would attack a site by bombarding it with bogus traffic, and it would cease to function. Now, hackers are looking to stay behind the scenes because the data they gain can be a lot more valuable than shutting down a site.
What could be the extent of the damage?
In extreme cases, a data breach could trigger the complete downfall of a company. Depending on the nature of the attack, a breach could cause customers to lose trust in the company and its brands. That’s in extreme cases. In other instances, valuable intellectual property could be lost and the associated R&D investment would be hard to recoup.
How can a company recognize its exposure to cyberthreats?
Many times exposures come from within the company, so it’s important to understand what employees are working on and who has access to what data.
Also, consider the risk when an executive travels overseas. When using his or her smartphone, it’s possible software can be downloaded on the phone without his or her knowledge. When that person comes back and connects to his or her office network, the software that was downloaded could penetrate into his or her network.
What are some critical components of good cybersecurity?
It’s important to establish layers of protection. For example, set criteria for employees to access certain company information on its servers. Similarly, companies should employ hardware in layers in order to protect critical data. There are hardware devices designed specifically to stop distributed denial-of-service attacks.
Intrusion protection systems can detect when someone penetrates a company’s network and identify who, where and how. Firewalls also are useful to block unwanted traffic, but have them periodically audited to ensure their effectiveness.
It’s important to have all of these systems audited. Too often companies set up these systems and forget about them until something bad happens.
Regarding mobile security, executives traveling overseas should take a conventional cellphone. Another option would be to back up the data on your smartphone before the trip, use the phone overseas, and then wipe the entire phone before connecting to any of your home networks again.
Who can help put a solid cybersecurity plan in place?
There are professionals who have expertise specifically in cybersecurity. Companies in some cases are adding chief security officers to work alongside chief technology officers. However, if a company is not large enough to appoint someone to such a position, then the best option is to work with a consultant who is focused on the security side or a company that provides cybersecurity services on an ongoing basis.
Pervez Delawalla is president and CEO at Net2EZ. Reach him at (310) 426-6700 or [email protected]
Insights Technology is brought to you by Net2EZ