Secret Weapons

Sage_Blog_SecretWeapon.jpg

As Cybercrime Becomes More Prevalent So Must Security Integration That Protects Against It

Once relegated to a sort of nerdy naughtiness portrayed in movies, cybercrime and cyberattacks have become a serious threat to both the infrastructure and physical security of many companies and organizations perpetrated by actual criminals.

A recent piece by Forbes highlighted some of the most urgent statistics relating to cybercrime:

  • Nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks despite increased IT security investments made in 2020 to deal with distributed IT and work-from-home challenges…

  • Data breaches have lasting financial effects on hospitals, reports suggest “More than 90 percent of all healthcare organizations reported at least one security breach in the last three years.”

  • The average cost of a data breach is $3.86 million as of 2020

  • On average, only 5% of companies’ folders are properly protected.

  • 78% Lack Confidence in Their Company’s Cybersecurity Posture

Any one of these statistics on their own would be cause for serious concern. But these numbers are just the tip of a very large iceberg that IT departments and security integrators everywhere have seen growing for quite some time. And now hackers and cyber-attackers threaten to sink businesses and individuals with single keystrokes, and the time is now to act.

GETTING AHEAD OF THE CYBERCRIME WAVE

Before we go over a few ways that company owners and facility directors can help keep their data, employees, and guests safe, we want to begin with a word of encouragement. Cyber-attacks go largely unimpeded because the language of cybercrime is new, and the field feels daunting to a certain degree.

What we want to encourage you to is this: the hackers and cybercriminals perpetrating these attacks use similar habits and methods that those who are looking to breach a physical building might use. Looking for unlocked entrances, windows left ajar, discarded key cards, parts of the buildings with little surveillance, and so forth.

While the language of cybercrime is still new, the methodology is shockingly similar. Securing a network against intrusion follows much the same protocols as securing a building – just in a digital space. So as we talk through some of these solutions, continue to orient yourself by using the mindset of a physical attack to keep track of your bearings.

KNOWLEDGE IS PROTECTION 

The first, and most crucial point in protecting against cyber threats, is staying up-to-date on the state of cybersecurity, both at your company and in the world at large. For many business owners and facility managers, this is a responsibility that will be passed on to the IT department. And that’s probably where it will do the most good.

But at many of the companies where we encounter potential clients, we often find a lack of knowledge on the part of the decision-maker about the state of their own cybersecurity or the dangers posed by cybersecurity in general. This lack of knowledge leads many business owners to be under-protected, not because they want to be, but simply because they don’t know enough about the dangers present.

It also means that some business owners may prioritize physical security over cybersecurity or not see the benefit in having those two facets be integrated. The more company owners understand cybersecurity, and the more integrated digital and physical security can be, the great the likelihood that cyberattacks will be thwarted 

Whether you’re currently looking to implement more significant cybersecurity measures or not, staying up to date will be incredibly useful to both you and your company. Doing things like:

THE PREPARATION DETERMINES THE OUTCOME 

When we think of cybersecurity threats as they relate to your business, we can think of two opposing teams getting ready to play any game that involves strategy, speed, strength, or another form of preparation.

In general, the team with the greater preparation has the highest likelihood of success. Think of it in this way:

You spend your time each week considering ways to grow your business, creating new products, growing and managing successful teams, crafting a company culture, writing and signing documents, leading meetings, directly supervising employees, and many other things.

Cybercriminals aren’t crafting a company culture or signing documents, or leading meetings. They’re solely dedicated to breaking into your network. All their preparation goes into that specific act. This is why cyberattacks are so successful; their preparation is often far greater than the preparation of those they’re trying to infiltrate.

To that end, we would encourage company owners, building managers, and facilities directors to encourage practices that help prepare for cyber attacks. Practices such as:

  • Regularly updating passwords and enforcing rules to keep them strong.

  • Uninstalling unused applications and services (once trial periods end, if the software is not being used, it should be retired from machines and the network).

  • Updating software and applying updates and patches to machines, networks, and software that turns on that network. This is where we see many unprotected machines that are vulnerable to attack.

  • Requiring those who work remotely to use a VPN (Virtual Private Network) when accessing company files or programs.

  • Upgrading security protocols to two-factor authentication or multi-factor authentication to make it harder for hackers to imitate your employees.

  • Conduct Phishing drills and increase training about phishing attacks at your company, especially those that might come through work email or texts on business lines.

There are many other ways to protect and prepare your business from cyber-attacks, but even a handful of preventative measures can thwart all but the most dedicated of hackers and attacks. When unprepared, the game is nearly impossible to win against cyberattackers. But when even marginally prepared, the odds of keeping your business safe increase dramatically.

INTEGRATION AT THE FOREFRONT 

With a willingness to learn about the state of cybersecurity and proactive preparation to keep threats neutralized, your business is well on its way to being guarded against cyber threats. The last encouragement we would give is to continue finding ways to integrate your physical security with cybersecurity.

Not only are the two commonly related, but their integration means a seamless web of protection around your business, data, and employees. As an example, consider security cameras. While they are a physical deterrent and tool against physical attacks, they most often are controlled remotely and store data on a network. A cyberattack with a mobile device could target a camera via the network and take down the camera exposing a hole in your cybersecurity and creating a hole in your physical security.

And that’s one of many scenarios where physical security and cybersecurity overlap. Our recommendation:

Find an integrator who can work with you to consolidate your physical and cybersecurity.

This often requires the cooperation of several different parts of your infrastructure, as well as access for the integrator to assess, install, test, and maintain the various parts of your security systems.

Finding the right integrator isn’t always easy, and especially one that can navigate the complexities of uniting physical security and cybersecurity. But that’s exactly the kind of challenge we relish at SAGE.

Keeping you safe, both inside and out, is what we do every day. And when it comes to cybersecurity, we don’t want to see any individual or organization get caught unready or unprotected.

Interested in learning how SAGE can provide the best integration services for your physical and cybersecurity needs?

Then we’d love to hear from you.

https://www.sageintegration.com/contact

Security SolutionsJohn Nemerofsky