Home Posts tagged Secure

Cybersecurity Conference This Fall Will Help Businesses Stay Safe

By Contributor
Technology

Layers of Protection

By Mark Morris

 

As the world increases its dependence on the internet for all kinds of transactions, keeping everything secure becomes a constant challenge.

Cybersecurity experts compare their work to an ‘arms race’ in which every new, secure tool they put in place motivates cybercriminals to find a new way to defeat it.

“When you think about it, we need to be right all the time; they only need to be right once,” said Charlie Christianson, president of CMD Technology Group, which installs computer networks for all kinds of companies and keeps them safe.

Paul Whalley, president of Growth for Your Company (G4YC), said cybersecurity is like physical security in that, the more difficult it is for criminals to defeat, the better the odds of not being a victim.

“For example, if criminals want to rob a house, they are more likely to hit the house with an open door over one with bolted locks on every door, tightly shut windows, and a sign out front that says they have a security system.”

“Two-thirds of people use the same passwords on multiple online accounts. Imagine if a cybercriminal knows that one password and can log into your financial, work, or cloud accounts. It happens every day to millions of people.”

In his current venture with G4YC, Whalley helps companies like CMD Technology Group grow their business. In addition, Growth for Your Company is organizing a cybersecurity conference on Tuesday, Sept. 19 from 8:30 a.m. to 3 p.m. at Twin Hills Country Club in Longmeadow. The idea is to educate local business leaders and IT professionals on evolving cyberthreats and the latest tools to combat them.

Businesses that purchased antivirus software years ago may think they are protected, but Christianson noted that, even if the old software blocks a cyberattack, it can take months to determine the source of the attack and how it gained entry.

“The new software tools can make a huge difference because they will immediately point you in the right direction to find the problem,” he said. “Some will block the threat and move it to a safe server to determine if it needs to be quarantined.”

Two-factor authentication (2FA) — that access code a bank sends by text after the customer inputs a password — has emerged as a strong deterrent against outside attacks. Encouraging safe practices such as a written policy to guide employees on how to act when they are using the company’s system is another key to fighting cyberattacks.

The software tools are only as good, however, as the people using them. Scott Augenbaum is a retired FBI agent and cybercrime-prevention trainer who is scheduled to present at the fall cybersecurity conference. Augenbaum contends that online safety begins with basic practices everyone can follow, starting with passwords.

“Two-thirds of people use the same passwords on multiple online accounts,” he said. “Imagine if a cybercriminal knows that one password and can log into your financial, work, or cloud accounts. It happens every day to millions of people.”

When he retired from the FBI in 2018, Augenbaum said, cybercrime was a $4 trillion problem. Since then, the cost to society has doubled. “The pandemic ruined everyone’s lives except the cybercriminals. So many people were shopping online, working from home, and logging in remotely to our most critical sites.”

In addition to using 2FA, Augenbaum recommends that businesses and individuals identify what he calls “mission-critical accounts,” such as banks, credit cards, and cell-phone accounts, and make sure each password is unique and at least 12 to 15 characters long.

All three cybersecurity experts told BusinessWest no one is too small to be a target for cybercriminals.

“Every one of the victims I’ve worked with felt they didn’t fit the victim profile,” Augenbaum said. “Anyone who thinks they are immune because they are a small business increases their chances of joining the list of small businesses that have been victimized.”

Christianson agreed, and gave an example of someone who owns a pizza shop. “That person might think they are only in the pizza business, so what could happen? Well, they most likely process credit-card transactions, and that’s a gold mine to a cybercriminal.”

He added that it’s important for a business owner to consider what is unique in their environment that makes them vulnerable to a cyberattack. There was a time when insurance for cyberattacks could quickly help a company get back to business but after years of increasing claims, that has changed.

“There is a new landscape for cybersecurity insurance companies,” Whalley said. “Companies are now more stringent on eligibility to get cyberinsurance.”

Before selling a cybersecurity policy, Christianson added, insurers want to know that a business has built several layers of protection into its systems.

“Just like an onion has layers, an effective security system also has layers to make it harder to penetrate a company’s data,” he explained. “If one layer gets defeated, there’s another one right behind it to stop a potential breach.”

The Sept. 19 conference will focus, in large part, on how to create those layers of protection with technology and a more educated human element.

“Along with the technology, we will be encouraging training so everyone understands how to mitigate the risks,” Christianson said. “We all have a role to play in preventing cyberattacks.”

Don’t Make Yourself a Target with Easily Cracked Passwords

By
Cybersecurity

Guessing Game

 

NordPass, a password manager that provides users with an encrypted password vault, recently released its annual report on the most commonly used — and, therefore, most easily cracked — passwords.

The most common password globally? That would be ‘password.’ The rest of the top five: ‘123456,’ ‘123456789,’ ‘guest,’ and ‘qwerty.’

In the U.S., ‘guest’ takes the top spot, followed by ‘123456,’ ‘password,’ ‘12345,’ and ‘a1b2c3.’

Clearly, not a lot of effort is going into creating such passwords, and it doesn’t take a hacker much time — mere seconds, actually — to defeat them.

Popular films and TV shows also rank among the past year’s most popular passwords, including ‘batman,’ ‘euphoria,’ and ‘encanto.’

“While the worst passwords might change every year, human beings are creatures of habit,” NordPass notes. “Every year, researchers notice the same pattern — sports teams, movie characters, and food items dominate every password list.”

Here are a few tips from the Federal Trade Commission (FTC) to create strong, secure passwords.

 

Make Your Password Long and Strong

That means at least 12 characters. Making a password longer is generally the easiest way to make it stronger. Consider using a passphrase of random words so that your password is more memorable, but avoid using common words or phrases. If the service you are using does not allow long passwords, you can make your password stronger by mixing uppercase and lowercase letters, numbers, and symbols.

 

Don’t Reuse Passwords

Use different passwords for different accounts. That way, if a hacker gets your password for one account, they can’t use it to get into your other accounts.

 

“While the worst passwords might change every year, human beings are creatures of habit. Every year, researchers notice the same pattern — sports teams, movie characters, and food items dominate every password list.”

 

Use Multi-factor Authentication When Possible

Some accounts offer extra security by requiring something in addition to a password to log in to your account. This is called multi-factor authentication. The something extra you need to log into your account fall into two categories: something you have, like a passcode you get via an authentication app or a security key; or something you are, like a scan of your fingerprint, your retina, or your face.

 

Consider a Password Manager

Most people have trouble keeping track of all of their passwords. The longer and more complicated a password is, the stronger it is, but a longer password can also be more difficult to remember. Consider storing your passwords and security questions in a reputable password manager. To find a reputable password manager, search independent review sites, and talk to friends and family for ones they use. Make sure to use a strong password to secure the information in your password manager.

 

Pick Security Questions No One Else Can Guess

If a site asks you to answer security questions, avoid providing answers that are available in public records or easily found online, like your zip code, birthplace, or mother’s maiden name. And don’t use questions with a limited number of responses that attackers can easily guess, like the color of your first car. You can even use nonsense answers to make guessing more difficult — but if you do, make sure you can remember what they are.

 

Change Passwords Quickly If There’s a Breach

If a company tells you there was a data breach where a hacker could have gotten your password, change the password you use with that company right away, and on any account that uses a similar password. And if someone is using your information to open new accounts or make purchases, report it and get help at identitytheft.gov.

 

Bottom Line

“Passwords are the locks on your account doors,” the FTC notes. “You keep lots of personal information in your online accounts, including your email, bank account, and your tax returns, so you want good protections in place.”

Ensuring Secure Retirement for All

By
Opinion

Opinion

By James T. Brett and U.S. Rep. Richard Neal

Core to the premise of the so-called American Dream is the idea that, if you work hard over the course of your career, you’ll get to enjoy a secure retirement. Unfortunately, for far too many Americans, that simply is not the case.

Consider this: nearly half of U.S. households with people age 55 and older have no savings for retirement. And almost 50% of private-sector workers — some 58 million people — do not even have access to a retirement plan through their employer, including small-business workers, self-employed workers, and gig workers.

Yet a typical Social Security check covers less than 40% of pre-retirement earnings, and that number is projected to drop to less than 28% within two years. At the same time, people are living longer. According to the World Economic Forum, a baby born in 2007 stands to live to be 103 — 36 years beyond Social Security’s current full retirement age. To further complicate matters, the student-debt crisis is also having an impact, with younger workers putting off saving for retirement because they are struggling to pay off student loans.

So how do we address this problem and ensure that all Americans are prepared for their golden years? There are several steps we can take that would have a tremendous impact.

First, we must continue to preserve tax incentives that encourage individuals to save for retirement. Allowing workers to contribute pre-tax wages to a 401(k) or other qualified retirement plan is a simple and proven way to encourage savings.

Second, it is critical that we take action to increase financial literacy — and that needs to start at a young age. It’s important that young people appreciate how student debt will affect them later in life, that younger workers understand just how much they need to be saving to be prepared for retirement, and that all employees are aware of the various tools available to them to invest in their own future.

… a typical Social Security check covers less than 40% of pre-retirement earnings, and that number is projected to drop to less than 28% within two years.

Finally, we must take steps to expand access to and increase participation in retirement-savings products and plans. In particular, we must make it easier for small businesses to offer retirement-savings plans by eliminating barriers for such businesses to band together in multiple-employer plans, thereby simplifying administration and lowering fees. It is also important to provide incentives for businesses to offer plans with automatic enrollment, and to require them to allow long-term part-time workers to have access to retirement benefits.

Congress must take bold action to bolster retirement savings and ensure that all Americans have access to the tools they need to save for their golden years. This crisis presents an opportunity for leaders in Washington to work collaboratively toward bipartisan solutions. The good news is that there already are bipartisan, bicameral efforts underway in Congress to pass legislation to bolster retirement savings.

The business community and our leaders in government must continue to work together to address and resolve the retirement-savings crisis facing our country. We owe it to the millions of Americans who work hard each and every day to keep our economy growing. We are hopeful that Congress will indeed take action on this important issue in the coming months so that all Americans will be able to realize the dream of a well-earned, secure retirement.

James T. Brett is president and CEO of the New England Council, a non-partisan, regional business association. U.S. Rep. Richard Neal represents Massachusetts’ First Congressional District and is the chairman of the House Ways and Means Committee.

News

Contact

Advertise

Events