2017 may just be turning into a record year for cyber hacks. As use of technology grows and more and more important data is stored on the Cloud, the payoff for hackers is bigger than ever. And because cyber security protection measures are frequently lacking, even in large corporations, hackers can often hit paydirt with ransomware without much trouble.
The latest in a seemingly endless stream of breaches, the market research and advisory firm Forrester had its main website hacked on Friday, putting countless research reports at risk. Thankfully, the breach was discovered while it was still happening, before any confidential client information had been compromised. If it hadn’t been detected so early, the breach could have been quite destructive. But the truly concerning thing about this breach is not the damage it caused but what caused it–there was no malicious malware embedded in a legitimate-looking email, no massive system-wide ransomware infection. No–the breach happened because the hacker got ahold of the login credentials of a legitimate customer. Forrester has not revealed exactly how that took place, but their CEO did acknowledge that it might have resulted from Forrester’s attempt to make their site easy for users to access.
This ransomware infection hack seems to fall within a general trend for 2017: these breaches aren’t necessarily occurring because hackers are getting smarter, but because cyber security is getting laxer. If a system’s login page is not adequately protected and screened, or if passwords are not strong enough or secure enough to keep them safe against theft, a hacker can and will easily get into a site and do as much damage as they can there. This was not some cunning, state-of-the-art scheme to steal data. By now, we should know better than to leave ourselves unprotected–especially to rudimentary hacks like this one.
The first step in nipping these breaches in the bud is clear–organizations need to wake up to the fact that their responsibilities are changing and growing with the threat landscape. At the very least, they need to be keeping up with the growth of cyber technology and web-based data storage by implementing the necessary measures. There is absolutely no excuse for falling behind enough that organizations can still be duped by the oldest hacks in the book.
The next step involves organizations actually taking the necessary measures to properly equip themselves against attack. This is where a company with expertise like GLS’ comes in. After 30 years in the cyber security industry, GLS understands both the threat landscape and the most effective ways to combat it. Our team has seen it all, from old-school password hacks to the most-cutting edge Ransomware viruses. As a result, we know exactly what organizations and their employees need in order to stay secure. Not only do we offer numerous courses on system security and password protection, we also boast an end-to-end, client-focused training approach that zeroes in on clients’ specific needs and security gaps to provide tailored solutions. And while we don’t offer physical network security measures, our in-depth training and knowledgeable subject matter experts will certainly equip administrators with the knowledge necessary to make informed decisions about physical security needs.
2017 doesn’t need to be a breakout year for cyber breaches and ransomware infection. GLS wants to help your organization turn the trend around. Using our in-depth courses and expertise, you can take your security knowledge to the next level–rather than falling behind the threat landscape and falling victim to hackers, you can stay one step ahead of the threats. Don’t wait until for an embarrassing and financially disastrous breach to occur in your organization before you take real steps to prevent it. Stay ahead and stay safe–contact us to find out how we can help you protect your organization.
What Can You Do?
If you are concerned about your employees’ personal cyber security habits at work and at home and the impact they can have on your company, here are a few resources that may help.
- Watch the recorded webinar, Developing Security-Minded Employees for Defense Beyond Organizational Boundaries. It is a great resource for practical steps for creating digital habits and maturing your security culture and tailoring it to your organization.
- Request a free copy of the Gartner Research Note, How to Secure the Human Link.
- Check out Leading a Secure Organization, a new course from GLS. It includes modules on Data and Devices, Organizational Cyber Risks, and The Human Firewall.