How IT Firms Celebrate National Cyber Security Month (HINT: It’s Not As Crazy As You Think)
In case you haven’t heard, October is National Cyber Security Awareness Month. Every year the U.S. Department of Homeland Security and the National Cyber Security Alliance team up to raise awareness about cyber security concerns. This year, they’re appealing to end users to step up their game.
No matter the threat, one fact remains clear: the #1 threat to cyber security is you and your coworkers. That’s why the overall theme of this year’s cyber security month is “Our Shared Responsibility and We All Must Work Together to Improve our Nation’s Cyber Security.”
In celebration of National Cyber Security Awareness Month, we’ll dish out what organizations need to know about cyber security and how Gross Mendelsohn is keeping up with it.
What Organizations Don’t Realize
Many organizations don’t realize that the question is not if they’ll get hacked, but when. With the ever-changing threat landscape and the variety of malicious actors at work on the internet, it’s critical for businesses to invest time in understanding cyber security. (Hey, small businesses! This applies to you too.)
It’s no longer sufficient to just rely on antivirus software when it comes to preventing a breach. Your organization still needs to use antivirus and spam filters, but that is not the end-all and be-all solution. Spear-phishing and phishing attacks bypass spam filters all the time. If you don’t want to end up unknowingly releasing confidential information, or being held hostage by a ransomware demand, you need to learn how to identify a threat.
Sometimes, organizations can be a victim of a breach without even knowing it. Hackers can get into a network in sneaky ways. It’s obvious a network has been hacked when a warning comes up on your screen and all computer functions freeze. It’s not so obvious when your computer is functioning ok, but is moving a bit slower than usual.
What Do Organizations Need To Know To Protect Themselves?
Cyber security threats change every day, but there are a few basic tricks that remain the same. The first thing we recommend is to get smart about your organization’s backups. If a ransomware threat locks down your computer, or shuts down your entire network, a swift restore from backup will kick that hacker off your network and allow you and your staff to get back to work. Otherwise, your organization can be in big trouble.
Keeping software updated by applying the latest security patches can be key in preventing a breach. In the case of the PETYA malware, organizations simply needed to have the latest version of Windows to prevent a hacker from exploiting a known vulnerability.
It’s also crucial to set and regulate user permissions so staff has access to only what they need. It’s common for this to fall by the wayside after employees transition to different roles or leave an organization. Another common issue with forgetting to update software after employee transitions is the lack of a proper contact for important notifications. If your security software is not updated with the correct point of contact, you can risk missing an important message that could save your organization from a disaster.
In addition to keeping hardware and software up to date, it’s imperative to train employees how to identify a threat. Many organizations relay their cyber security policy to staff on their first day, but don’t discuss it again until after a cyber threat has impacted them. When it comes to a security breach, it’s always better to be proactive rather than reactive. You can get proactive by periodically sending your staff through cyber security awareness training or simply keeping them apprised of impending threats.
What Our Firm Is Doing To Get Proactive About Cyber Security
Clients are surprised that as a technology consulting firm, we’re not sitting in Fort Knox with military-grade technology—we’re doing exactly what we’re recommending to our clients.
Both small and large organizations can use the following methods to promote better cyber security.
We use quality software and constantly seek improvements. While you can’t strictly rely on hardware and software to save you from an impending cyber threat, we only use thoroughly vetted equipment.
We have specific staff designated to update software. Keeping software up to date can be challenging, and luckily we have a trusty HelpDesk to take care of it for us. Instead of piling all updates on one person’s desk, we have different people in charge of different software. That way, it makes it more manageable for each person to take care of. If your organization doesn’t have the internal resources to handle software updates and other important technology tasks, managed services could be right for you.
We pay attention to current cyber threats and alert our staff. When a staff member identifies a phishing threat in their inbox (they learned how in this free guide), they send it to our HelpDesk to analyze. Then, our HelpDesk sends a firm-wide message telling others to look out for that specific threat. Also, if there’s a massive threat on the horizon, like the Docusign Desperado or SAMSAM, they’ll let the team know about that, too. No one is left in the dark.
We have a company-wide cyber security presentation every year. Once a year, our firm comes together for a massive staff meeting. At this event, we invite our top networking experts to the podium to teach our staff about the latest cyber security trends. They leave the meeting armed with knowledge that will help protect the whole firm from a cyber attack.
We have one motto when it comes to cyber security: THINK BEFORE YOU CLICK. Our firm has worked hard to educate everyone about cyber security threats. We’re a collection of CPAs, wealth advisors and technology consultants -- we’re busy people! Our HelpDesk knows that it’s easy to get caught up with client work and let your guard down. That’s why they’re always reminding us to think before we click. If something seems off, take a moment to analyze it before immediately responding. It takes an entire organization to keep cyber security in check.
It’s not easy keeping on top of cyber security. Contact our team here or call us at 410.685.5512 to discuss how you can get proactive about cyber security in your organization.
About Bill Walter
Bill, our lead networking guru, loves showing clients how technology can be worked into their existing processes to improve efficiency. His expertise includes high level planning for internal and external networks, research and selection of hardware and software products, and hands-on installation and configuration of networks. Normally a pretty easygoing guy, Bill thinks there should be a law against wearing a Bluetooth headset when it’s not in use.