It may be the end Cybersecurity Awareness Month, but cyber-defense never stops. To round out our October series, we spoke with Adam Baligian, iVenture escalation engineer and security guru.
He gave us predictions and practical advice for businesses to use next year. Read on to learn what Adam sees for 2020.
_________________________________________________________________________________________________________________________________________________
But first, learn the Who, What, When and How of Cybersecurity
_________________________________________________________________________________________________________________________________________________
Adam:
Unfortunately, it was scams, scams, scams. Take these examples:
- Ransomware saw a 109% increase in 2019 over 2017. And attacks are expected to rise to every 11 seconds between 2020 and 2021.
- Phishing has broadened to SMS (texting) and social media
- A scary new scam involves a fake ICE agent requiring you to pay up or risk getting deported
And you’ve no doubt received scam calls about refunds, loans and other IRS issues. As we move into 2020, expect these scams to increase in frequency and intensity.
Adam:
More ransomware attacks and higher ransom costs.
Make sure your mobile carrier account has a pin number associated with it. Contact your carrier to verify their security procedures.
There currently isn’t any tool to stop a scammer from spoofing your number to call other people.
Industry-focused attacks
Hackers see hospitals or local power companies as prime targets. Because these industries need to be “on” all the time, they’re likely to give into ransom pressure.
Adam:
It’s safe to say those Nigerian Prince scam emails have gone the way of the dinosaur. Instead, hackers have evolved schemes to make more money than old-school emails ever did.
Adam:
The best type of protection is a smart user. Period. An educated user who questions everything is safest.
Do:
- Use different passwords for different sites. LastPass is a great free tool that manages your passwords in a secure, centralized place (great for home use).
- Setup two-factor authentication on all accounts
- Double check everything. Be suspicious of emails, links and phone calls.
- Commit to hourly data backups. Daily isn’t enough.
Don’t:
- Store your passwords in a folder, or anywhere easily accessible
- Insert USB thumb drives into a computer. Instead have the person email the document/photo/etc. to you.
- Reply to suspicious emails, even if it comes form someone you trust (boss, accounting, etc). Call the person who sent it to confirm.
Adam:
- What’s your current password complexity/expiration policy
- What’s your user termination policy? (It should be documented on paper)
- What compliance certs do you hold (HIPAA, SOC, PCI DSS, SSAE)?
- How often are data backups performed and how often does a test restore occur? (Important with the rise of malware)
- How are issues/resolutions documented? (Knowledge should be shared between team members; no kingdom keeper)
- What security updates get installed, when and what type of pre-installation vetting?
Adam:
I love technology and the advancements in all its aspects. Beside advancements in cybersecurity, I’m excited for the future of automated driving vehicles and Augmented Reality (AR).
Start 2020 with the right cybersecurity in place. iVenture Solutions is an award-winning managed service provider delivering superior IT solutions to clients across Florida.
As a leading-edge IT firm for small and medium-sized businesses, we provide a diverse range of services covering the entire scope of IT including maintenance, support, hosting and more.
Through rapid response time, reduction of chaos and the right people, our expert team of IT professionals will fulfill your technology needs. At iVenture, we give you more time to do what matters most.