The world we live in today is more connected—and at greater risk of cybercrime—than ever before. For this reason, we support the effort to raise awareness of the need for cyber security and safety online. October is National Cyber Security Awareness Month (NCSAM), and was created to help organizations focus on the reality of cybercrime and what we can do to prevent it.
Each week of NCSAM has a different theme. This year, you can look for the following topics:
Week 1: October 3-7– Every Day Steps Towards Online Safety with Stop.Think.Connect.™
Week 2: October 10-14 – Cyber from the Break Room to the Board Room
Week 3: October 17-21– Recognizing and Combating Cybercrime
Week 4: October 24-28 – Our Continuously Connected Lives: What’s Your ‘App’-titude?
Week 5: October 31 – Building Resilience in Critical Infrastructure
The Need for Awareness
Each one of us plays a role in staying safe online—and together we can prevent most data breaches and cybercrimes from taking place. In case you’re questioning the importance of this month-long initiative, the need for cyber security exists in the workplace and in your home. In one recent example, Yahoo announced a data breach “associated with at least 500 million user accounts” stolen in 2014; many are calling the incident one of the largest cyber security breaches ever. As reported by Jeff John Roberts, of Fortune.com, “The incident is a big deal, since so many have a Yahoo account of some type or other—for email, finance or fantasy sports and so on.” Yahoo is currently urging its users to change their passwords immediately.
The need for cyber security in the workplace is extreme, as the “…average consolidated total cost of a data breach grew from $3.8 million to $4 million,” according to the 2016 Ponemon Cost of Data Breach Study, sponsored by IBM. According to the study, “…the average cost incurred for each lost or stolen record containing sensitive and confidential information increased from $154 to $158.”
October’s NCSAM campaign hopes to not only raise general awareness about the threats we face online, but to also provide the tools and resources we need to stay safe—whether at home, on the go with mobile devices, or in the workplace. As the Director of the FBI, James Comey, testified before Congress, “the pervasiveness of the cyber threat is such that the FBI and other intelligence, military, homeland security, and law enforcement agencies across the government view cyber security and cyber attacks as a top priority.”
According to a PwC’s 2016 Global State of Information Security Survey, 38% of respondents said more security incidents were detected in 2015 than in 2014, while incidents of “hard” intellectual property theft increased 56% over the same period.
The survey results underscore the difficulty of defending against cyber attacks. Respondents of the PwC survey said they boosted their cyber security budgets an average of 24% in 2015, but financial losses as a result of data breaches fell by only about 5% from 2014 to 2015.
Part of the problem is that it’s difficult for individuals and organizations to remain on alert 24/7/365, according to Independent Tech Journalist Brian Krebs. Speaking recently on NPR’s “Here and Now,” he said, “We have a tendency … once we get the security in place to kind of set it and forget it and just don’t touch it, right?
“The only problem with that is it’s hard to find another field that moves faster than cybersecurity,” Krebs said. “So, the defenses that you used a year ago are virtually useless against today’s attackers, and if you’re not constantly updating those defenses … then you probably don’t know it yet that you’re already hacked.”
While it’s difficult for businesses to protect themselves against a cyber attack, it’s not impossible. Start by adopting administrative safeguards. This means understanding the risks and taking specific action to minimize them or eliminate them altogether. Businesses need to think about how they are using, transmitting and protecting electronic records. What devices do your employees use to access the data? Do you have a plan in place to protect those devices? Are you training your employees to handle electronic records safely and securely?
Hacking isn’t the only way to steal data. That’s why organizations need strong physical safeguards, too, because it’s possible for hackers to steal information by accessing the servers where the data is stored, as well as the devices that can access the data.
Your company should start by strictly limiting access to your data centers, as well as to any workstations that can access the information, and you should plan ahead in case a company laptop or device is lost or stolen. Reusing or retiring old technology is also a concern. How do you completely erase the sensitive data and passwords on a surplus laptop or tablet?
Sometimes breaches take place due to human error or due to a seemingly insignificant action. IT Departments and leadership teams should implement and educate employees in their organization on security policies and procedures so they know what to do and how important it is to follow company protocols.
What’s at Stake?
At OnRamp, we support National Cyber Security Awareness Month. We believe robust security is essential to any organization, and there’s so much at stake.
Security affects your bottom line, in more ways than one. Organizations required to maintain high-level-security and compliance with federal regulations like HIPAA, PCI DSS, or SOX, can face fines, legal penalties, and reputational damages for failing to protect sensitive data.
When it comes to safeguarding data, most organizations face multiple challenges. Insufficient resources, budget, and trained workers can make it difficult to prevent security issues. That’s why it makes sense to partner with a company like OnRamp that specializes in providing tight security for IT systems. Our hybrid hosting solutions blend private clouds, cloud-delivered services, and colocation to provide flexibility and scalability while meeting the most stringent regulatory requirements.
Show your support for National Cyber Security Awareness Month by sharing this, and other posts related to the topic of cyber security, with your networks. Remember to use the hashtag #CyberAware and to visit the Department of Homeland Security’s site for more National Cyber Security Awareness Month Resources. Concerned with your security? Contact our specialists for more information.
Additional resources on this topic: