This collaborative piece on cyber security was skillfully written and originally published by Oneupweb – an awesome digital marketing agency based in Traverse City, Michigan!
Cyber Security Trends and Information from Oneupweb and Safety Net
The internet is built upon the beautiful idea that everyone can have access to information and share ideas, thoughts, dreams and so much more.
Unfortunately, there is no utopia, especially not online.
There are a lot of people out there looking to steal information. More than 40 percent of cyber attacks target small businesses.
Industries that are most likely to get targeted include education, healthcare and retail. Why? Because they store lots of personal records that hackers are looking to grab and monetize. And businesses in these industries are willing to pay to protect that information.
The internet is not a perfect place and cyber security isn’t something your business, regardless of industry, can afford to ignore.
What Is a Cyber Attack?
A cyber attack is an attempt by hackers to damage, destroy or exploit computer systems and networks. A malicious code is used to alter a computer’s logic in order to gain illegal access or distribute sensitive or private information.
You’ve no doubt seen a phishing email come through at work. For us, our boss always wants us to grab Amazon gift cards. Hackers mimic his email address and messaging so we’re more likely to believe it and click on the link without giving it a second thought. Having the right information about cyber security is the first step to stopping these scams from taking place.
One thing that is important to understand is that the hackers are typically not using the information for themselves, as it’s usually sold to a third party.
Cyber attacks target these three areas:
- Confidentiality – This is personal information like banking account info or credit card information.
- Integrity – More commonly referred to as a leak, sensitive information is released to the public for the purpose of discrediting an organization.
- Availability – Hackers here will block a business from accessing information and demand a ransom to get it back.
It’s a scary thought when another company hits the news because someone has gained access to their information. Consumers often demand answers or retribution (and rightfully so) because they’ve had something taken from them.
Don’t let your business become the next big scandal. Learn more about cyber attacks, cyber security and cyber insurance …
Types of Cyber Attacks
The first step to avoiding a cyber attack is awareness – be aware of what threats are out there. Here are some of the most common types of cyber attacks you might encounter:
- Malware – A software used to breach systems, often installed through clicked links and opened attachments.
- Phishing – Malicious emails that are sent with the intention of tricking users into giving away sensitive information. Malware is often attached to phishing emails and, according to the 2018 Trustwave Global Security Report, phishing is the most common type of cyber attack.
- SQL Injection – SQL means structured query language. Hackers insert malicious code that attacks servers using SQL.
- DDoS – This stands for distributed denial of service. A server’s central system is bombarded with multiple requests so the server stops granting legitimate requests until the company pays the hacker to stop.
- Man-in-the-Middle – With malware or on public Wi-Fi, these attacks occur when two parties exchange sensitive information and a hacker gets in the middle to steal the information.
- Zero-day exploit – This attack comes when a network vulnerability has been announced, but no solution has been implemented yet. When it rains, it pours, right?
There are more types of cyber attacks, but these are the biggest ones everyone should be aware of (and some you’ve probably experienced yourself). Phishing emails are what we get here at Oneupweb (remember the gift card email mentioned earlier?).
Cyber Security Information
Being online without security is like parking in a stadium lot and leaving your car unlocked. You’re just asking for trouble.
Everyone and everything is online, and businesses with personal, private information are especially susceptible to attack. They’re like a bright, shiny BMW with its windows down.
Cyber security is defined as “the process of protecting systems, networks and programs from digital attacks,” according to Cisco.
How Cyber Security Prevents a Cyber Attack
The definition of cyber security is fairly broad. Here, we’ll focus on IT cyber security, which is using software that recognizes cyber security threats and mitigates them so your system isn’t compromised.
Cyber threats change rapidly as hackers attempt to circumvent any security systems in place. There are often updates to software and other patches pushed out in an attempt to stay ahead of the curve.
Types of Cyber Security
You might be familiar with installing antivirus software on your personal computer. Here are a few examples of the types of cyber security software:
- Firewall – This is a broad term that refers either to software in place on a single device or a physical device attached to a computer network that works by filtering data to restrict threats.
- Antivirus – Software that scans a system to remove malicious software and viruses.
- Spyware Detection – Like the name suggests, it’s software that detects spyware (A.K.A. malware and adware) and removes it from devices.
- Password Protection – A program that stores and often generates unique passwords to help keep data safe. Take LastPass, for example.
Think of the difference between firewall, antivirus and spyware detection like getting sick. Firewall is prevention, like eating healthy; antivirus and spyware detection are like an antibiotic after you’ve gotten sick. Password protection is like practicing good hygiene (washing your hands, covering coughs, etc.). Plenty of people don’t do it, but everyone really should.
Besides software cyber security, there are steps everyone can take, without software, to prevent cyber attacks.
These are cyber security tips everyone can implement:
Panelists at the 2018 Cyber Security Business Insight Conference said employees are one of the biggest threats to cyber security. It’s important to provide your employees with tips to stay secure online:
- Awareness is the first step toward becoming more secure. Don’t think, “This won’t happen to me” – take cyber security seriously.
- Poor passwords are often the biggest threat. If you’re still using “password” as your password … why? Lock down your data with strong passwords and protection like we mentioned above.
- Be cautious when opening attachments or links, especially from an email address you don’t know or if the message looks mysterious or seems fishy.
- When online banking or handling other sensitive information, be sure to use a secure Wi-Fi network and personal device. This means not exchanging credit card numbers with clients while emailing or texting from the library or cafe.
- Back up your data often and ensure your antivirus or other cyber security software is all up-to-date.
- Be wary of devices plugged into your computer. Malware can be spread through USBs and smartphones, too.
- Monitor your accounts for suspicious activity. Many social media and banking accounts will do this for you, but you should know what’s happening on your accounts so you can detect abnormal activity.
While these tips get you and your employees started with cyber security (personally and professionally), the best way to stay secure is to educate your employees on cyber security best practices with tips from an actual IT professional.
This cyber security checklist from Safety Net will help you understand how prepared you are for a cyber attack.
In addition to best practices and cyber security software, it’s important to understand the role and benefit cyber insurance plays in total cyber security.
What Is Cyber Insurance?
Insurance is one of those things some don’t realize they need it until it’s too late. This goes double for cyber insurance. Cyber insurance is used to protect businesses from internet-based risks or other risks relating to IT.
Let’s revisit the car in a stadium parking lot metaphor from earlier.
You’ve taken the right steps and have an alarm, your windows are rolled up and your vehicle locked. But someone smashes your window. Despite the necessary precautions, you’re still left stranded. But! You have insurance.
Types of Cyber Insurance
There are two main types of cyber insurance, each protecting a different part of cyber attacks:
- First-Party Coverage – Covers damage to software and other concrete items from the attack itself.
- Third-Party Coverage – Covers fallout from the attack like customers suing your business for a breach of information, or needing to hire extra employees to answer a hotline.
Cyber insurance, like all insurance, is something best purchased with the help of a professional.
What Marketers Need to Know About Cyber Security
No doubt about it, marketers deal in customer data. And in today’s increasingly personalized world, we are aiming to get as much data about our customers as possible so we can more effectively reach them. With that much data comes more responsibility.
Customers know it, too. A recent survey showed 92 percent of people agree that companies need to be proactive about data protection. Still, marketers aren’t often in the loop with protecting customer data.
How Marketers Can Be Involved in Cyber Security
Regardless of their knowledge of technology, marketers are handling customer data, day in and day out. As a marketer, it’s important to know what you can do to stay on top of that data before, during and after a security breach.
1. Choose the right CRM to manage customer data.
Where you store, manage and access customer data is incredibly important. You need to make sure you’re choosing a CRM (Customer Relationship Management) you trust, with security measures in place. All the firewalls in the world won’t help keep customer data safe if the information is stored somewhere with no security measures in place.
Here are security measures to look for when selecting a CRM:
- Customized Data Sharing Rights – This gives you full control over customer data by saying who can or can’t download or share it.
- Data in Offline Mode – The right CRM won’t make data available in offline mode because this is an easy work-around for hackers.
It’s always important to do your research and choose the right CRM for your needs. This is just a reminder that security is something you need in your CRM.
Here are some popular CRMs:
2. Marketing and IT working as partners.
You just have to communicate. It’s not enough to let IT know you’re implementing new tools. Instead work with them to develop the right cyber security systems and educate the rest of your marketing team on the importance of cyber security.
Cyber Security Trends
As mentioned before, cyber attacks are always evolving to circumvent cyber security. These are some trends we’ve seen in 2019 that will continue into 2020:
Phishing Is Prevalent, Changing
Phishing is the most common cyber security threat. Year after year, it tops lists. Verizon’s 2019 Data Breach Investigation Report showed 32% of data breaches came from phishing.
It’s more than emails, though. Phishing now occurs in text messages (“smishing”) and those pesky calls you get claiming your social security number is suspended (“vishing”).
Mobile Phones Are Not Immune
For some reason, people believe their mobile phones are safe from attack. Mobile phones are everywhere, though, and they are connected to the internet, which means they’re open for attack.
Actually, it’s not just mobile phones you need to worry about. Your smartwatch, smart TV and smart fridge are all connected. And while you might not be storing data in your fridge, there are opportunities for hackers to get information from all these sources to target another device in your network.
Data Privacy Laws
With 2018’s GDPR and 2020’s CCPA, you can expect to see more areas where consumers are concerned about their data being sold or used incorrectly. While these policies don’t directly deal with cyber security, it’s a trend to keep an eye on.
AI is infiltrating our online world (and physical world). Cyber security using AI will continue to grow as it helps business respond more rapidly to security breaches and work around the clock to keep data safe.
Cyber Attacks Will Continue
One thing is certain, cyber attacks aren’t slowing down. As soon as an advance in cyber security is made, hackers start figuring out a way around it. The more the internet grows (this year was the first time more than half the world population was online), the more people are looking to make money through malicious intent.
Choose Trusted Partners, Always
The foundation of good security is trust. Your customers trust you to handle their data properly. You trust the systems you’ve put in place so when an attack is attempted, software prevents it. You trust your cyber insurance provider to help you navigate the chaos after a successful attack.
If you’re interested in learning more about cyber security, you can always reach out to the team at Safety Net. We’ve been working with them for years and, trust us, you can trust them.