Featured Article Featured Article
Cybersecurity Strategies Tips to Protect Yourself, Your Business and Your Employees By Assemblymember Jacqui Irwin Cybersecurity has been a hot topic in the news lately, with breaches of large companies a familiar headline. But the size of a business is not what makes it a target; every type of business falls victim to data breaches. From doctors offices to advertising firms to small retailers everyone is a target for hackers. This is because most breaches are the result of indiscriminate scanning for vulnerable networks; if the hacker can get in they will look around, regardless if you have one piece of sensitive information or thousands. As the Chair of the Assembly Select Committee on Cybersecurity, I’m often asked about the best tips and strategies to protect the data of individuals and businesses. Below you will find five suggestions I recommend to be proactive in the protection of yourself, your business, and your employees: 1) Train your employees on how to avoid phishing emails. Phishing is the use of an e-mail, usually made to look official or from a trusted person that asks you to open an attachment, click a link, or asks for personal information like
10 | ConejoView
SUMMER 2018
a username and password. By using social engineering, the practice of manipulating people using personal information or relationships, these e-mails trick the recipient into giving more information or access to the sender. Your employee’s first reaction to any suspicious or unexpected email should be to first delete it, and then call the sender to verify the authenticity. A deleted message can always be resent if the message was legitimate. For more routine messages between your staff that requires a link or an attachment utilize a secret keyword (e.g. “Stagecoach” or “Channel Islands”) that will be harder for a hacker to replicate in fraudulent e-mail. Having your employees, especially those with access to your financial accounts, understand and avoid phishing e-mails is critical. Business e-mail compromise (BEC) is a favored tool of organized crime that uses phishing e-mails to convince employees to transfer funds under the guise it is for a legitimate business transaction. According to the FBI it has resulted in over $3 billion in stolen funds from businesses, big and small. Ensuring that your business practices include verification by phone or in-person for large transactions will help prevent these types of losses. Many e-mail service providers include prevention of phishing in their security offerings, often within their spam filtering options. Take the time to investigate if your e-mail service provider has additional options to turn on, or if there are competitors who can provide more protection.
