October is Cybersecurity Awareness Month, a national effort to raise awareness about the importance of cybersecurity and ensure that Americans have access to the resources they need to be more secure online.
Whether you’re a small business engaged in online marketing or simply utilizing services like Instagram and Facebook in your personal life, cybersecurity is relevant to all of us. We recently sat down with Garrett Laman, a Developer Intern at Central, to learn more.
In this article, we dig into the basics of cybersecurity. Check back next week for a follow-up post including tips on how to best protect your personal and business presence from cyber threats.
What are the current hot topics in cybersecurity?
Consumer privacy and consumer data protection are huge right now. Several states are currently crafting legislation around these topics in response to consumers becoming increasingly concerned with how much data they’re providing to businesses and how that data is secured. We see this reflected in the CCPA in California and the GDPR in Europe, two legislative pieces that aim to protect consumer privacy. We’re going to continue seeing this type of legislation grow in the coming years.
Another hot topic is the death of passwords. Microsoft and other big players in tech have realized that passwords are a weak link in terms of security. They are looking into alternatives that use biometric factors like fingerprints and retinal scans, as well as physical options like hardware keys.
What is the biggest misconception people have about cybersecurity?
Without a doubt, it is people thinking they are not a target because they’re not famous or wealthy. The reality could not be further from the truth. Information like your date of birth, social security number, address, phone number, relatives, etc. has a price on the dark web – and people will pay for it. Unfortunately, your personal information will always be valuable to somebody, so you should always consider yourself a target.
This also applies to small businesses. As a mom-and-pop shop, you may not think that you have anything worth hacking. Again, that couldn’t be further from reality. There is always a financial incentive for somebody to attack you, even if you don’t have a lot of money and won’t be considered a high-profile hack. Hackers know that small businesses typically don’t have a lot of cybersecurity resources in place, which makes them low-effort, low-risk, low-hanging fruit.
Can you give us an example of what it looks like when things go wrong for business when it comes to cybersecurity?
A small government contracting firm was notified that their data was being auctioned off on the dark web. It turned out to be a database tied to government facilities — the last kind of thing you would want leaked. Through their internal investigation, they found that the root cause of the leak was a senior executive who clicked on a malicious email attachment. Within a few hours, all their data was siphoned off to someone who sold it on the dark web. The Secret Service ended up getting involved, as did a bunch of forensics consulting firms. Ultimately, it resulted in over $1 million in damages, in addition to several days of lost business. All it took was one little click.
How should businesses talk to their customers about data protection?
Transparency is key, and small businesses should readily display and disclose how they’re using consumer data. Provide mechanisms for people to opt out of anything they’ve signed up for, like email lists. Make it easy for your customers to self-delete their account entirely, if they so choose. Report data breaches immediately. These simple things go far in instilling faith that your company cares about personal privacy and data protection.
Ready to learn how to better protect yourself? Stay tuned for the second part in our cybersecurity series: Protecting Your Business from Cyber Threats.