United States Secretary of Defense Leon E. Panetta warned before BENS aboard the USS Intrepid about the importance of cybersecurity for private companies and for the country as a whole. He said that we faced the very real possibility of a “cyber-Pearl Harbor,” but unlike Pearl Harbor, every American business with a web presence is vulnerable to attack. Here’s what you need to know to ensure that your business is not sleeping at the dawn of a cyberthreat.
In the past, many computer security threats were random, nuisance-oriented attacks. These have evolved into a more sophisticated and more serious array of attacks, including:
- Theft of user information, including credit cards and banking information
- Theft of business information
- Denial of service attacks that can block users from your websites
- “Hacktivism” that can harm your business image
- Computer worms or viruses that can infect and damage your systems
Some of these threats are immediate dangers, but others may be subtler and more persistent.
They take many routes to reach your systems. Often, they are direct attacks, but some hackers have been known to attack computers at smaller companies (where security resources are often fewer and weaker) that they think are going to be acquired by larger companies. The hope is that by embedding threats in the small company’s computers, they can sidestep the larger company’s security.
According to a 2012 Price Waterhouse Cooper (PWC) survey, 41% of US business executives reported that their companies had experienced a computer security attack in the last year. This included attacks that led to financial losses, customer information, intellectual property loss, and brand image damage.
You Need to Take a Leadership Role
Despite the significant number of attacks reported in the PWC survey, leadership is lagging when it comes to computer security. The PWC survey also showed that 26% of executives reported that CEO leadership is the primary barrier to effective computer security. If your company is going to remain ahead of computer security threats, you need to make it a priority, which includes dedicating an appropriate amount of personnel and financial resources.
Steps to Take to Ensure Security
If you want to make sure your business is ready to face today’s security threats, here’s what you have to do.
Listen to Your Security Experts: They know what threats are facing your systems, what your potential exposures are, and how to counter them.
Make Computer Security Everyone’s Job: The diverse nature of security threats means that every computer is a potential source of vulnerability. That means that everyone who uses your company’s computers must take responsibility for security. Make it clear what your employees can do to help.
Ensure Mobile Security: One area of exposure that is increasing is the use of mobile technology to access sensitive data or systems. Employees, especially executives, love to keep in contact, but if not properly handled, mobile access can lead to additional risk.
Add Layers of Security: Successful computer security depends on having multiple layers of defense. If you are depending fully on one type of security software, you may need to add additional layers to help.
Don’t Assume Security: Finally, don’t assume that your computers are secure simply because you haven’t had an attack. As we noted above, many developing threats begin subtly and take time to unfold. The next attack may already be in place, even if it hasn’t revealed itself.
If you take these steps, you can protect your company against the developing threat of computer attacks.