Time to Clean Up Our Cybersecurity Streets

What if I told you that by not protecting your business against cyber-attacks you were being selfish? Yes, selfish. Being a victim of a cyber-attack or fraud isn’t just your problem. It’s everyone’s problem. Here’s why.

Many top cyber-security threats spread via compromised computers

Infecting a computer, then using it to spread the infection further isn’t a new strategy – it’s exactly how viruses have worked for decades. Today, compromised systems can have a greater impact than ever before.

Bot-nets are a group of computers that have been compromised and can be coordinated like a zombie army. They’re used to spread their own software, spam, viruses, ransomware, or perform denial-of-service attacks.

Your system can be part of a bot net, spreading spam or malware and you never know.

Having your website attacked no longer means hackers simply “crashing it” or defacing it. More often they’re much subtler. Imagine if they put a virus on it that spread automatically when someone visited. There is now ransomware that can do exactly that. No download required.

With every victim, cyber-criminals are encouraged to do more

I remember a time when “hacking” was more about status than money. That’s changed.

The incredible “success” of Cryptolocker, which is estimated to have made more than $30 million in its first 100 days (in 2013) and $325 million overall led to a massive number of ransomware threats.

Stealing private information through social engineering has become so common that most of us laugh it off. Did you get a call from Microsoft or Dell telling you about a security threat on your computer? If people didn’t fall for it, the scammers would stop trying.

CEO fraud is one of the biggest financial threats right now. With more than $2 billion lost to fraudsters, every company should take notice and put appropriate controls in place. But most companies haven’t yet. Can you imagine being the CEO who lost $40 million or $50 million? Of course, for every whale there’s hundreds who lost a few thousand. Every penny earned by these fraudsters means they’ll continue trying.

Every time there is another victim, the criminals become more confident and the market gets larger.

It’s time to clean up our community

In many areas, people have gathered together as a community to clean up their streets, drive the drug dealers out, and make their areas better for everyone.

It’s time for us to do that with our businesses. Close the door on malware, shut down the bot-nets, laugh in the face of the fraudsters and scammer. And every time we do this, we reduce their power.

Yes, new attacks appear daily, but if you have a good security program in place, you’re at a much lower risk for being a victim.

Every business, from a sole-proprietor to international conglomerate, should have a security program in place. How the program is implemented will vary from business to business but the key elements are always the same:

1. The program needs to be driven from the company’s leadership
2. An understanding of risks and security is integrated into every part of the business
3. Everyone in the company receives security awareness training. They’re all part of the solution
4. Security is a cycle, not a point in time. Your business and its threats are changing and your security needs to reflect that

As the leader, your first step is to get educated and start having the right conversations with your team.

It’s time to stop being selfish. Your community needs you to take the lead and secure your business and make hackers’ lives more difficult.

This article was originally published on CSO. It is reposted here with the author’s permission.

About the Author

Mike is a Technology Strategist, Project Superhero and Cyber-Security Simplifier. He is a partner at Incrementa Consulting, a boutique consulting firm dedicated to helping businesses be more successful. You can connect with Mike on Twitter, LinkedIn or the Incrementa website.