Edit ModuleShow Tags

Protecting against growing cyber threats


Published:

It is commonplace to read about large companies such as banks and retail chains being targeted for cyber security intrusions, but what many business owners do not realize is that small- and mid-sized companies throughout the country are being hit by similar cyber attacks.

Businesses of all sizes are regularly being victimized, and most companies don’t have the infrastructure or plans in place to combat these issues. Smaller businesses can be crippled or even put out of business. Here are four key areas of cyber criminal activity and steps that can be taken to limit a company's vulnerability:

Intrusions by Competitors

The troublesome side of business competition sometimes occurs through unethical and even illegal actions by competitors. One common example is 'Black Hat' (bad guy) search engine optimization (SEO) tactics, such as buying negative backlinks to a competitor's site. This usually includes problematic content such as human trafficking or sex sites, malicious links that can cause Google to flag the victimized company in a way that severely diminishes the business in searches, or have the sites de-ranked in Google search results. Small businesses can combat this by maintaining a Google webmaster tools account and regularly updating their site content. These companies should also do regular checks on backlinks using online tools; small business owners can then contact the link holder and ask to have it removed or hire someone to have the links removed. 

Theft of Intellectual Property

Intellectual property (IP) theft is quite common in today’s business world, not just in the technology sector, which tends to receive more coverage of these crimes. Many companies have some form of IP, and as a business advantage it's subject to theft. This can come from a current or former employee, a competitor or even a foreign government (particularly where federal contracts are involved). In order to combat IP theft, companies should create logical separation of accessibility to information. Only a limited number of highly trustworthy people, based on background checks and other predetermined items such as position and potentially clearance, should be allowed access to critical IP on a 'need-to-know' basis. Those with access should sign legally binding documents regarding protection of the information. Documents should be encrypted and systems should either disable USB devices to copy materials, or track who does so as a strong deterrent to theft.

Threats to Mobile Devices

It's common for companies to allow employees to use their personal devices for business purposes and to connect to company systems. The proliferation of smart devices comes with great convenience and productivity, but also tremendous risks. Business information can be compromised based on each person's system controls, which are often not up to company standards. The chain of cyber security is only as strong as its weakest link and mobile devices can be wirelessly hacked, or the simple loss or theft of a device compromises data. To help protect against mobile threats, companies should implement a mobile device management mechanism across all devices, not just company provided ones. This could involve encryption and protocols that limit or eliminate the capability of sending attachments. Companies also have to tell employees about the importance of such policies and should have them read and sign documents requiring adherence to company standards.

Security of Client Information

Cyber incursions often pursue client information held by a partner company as a way to take business and undercut client confidence in a partner company holding the information. Cyber criminals can pretend to be a trusted source at the partner company and gather more information. Law firms are examples of businesses that hold a large amount of important client data. It's a good lesson to extend system security to cover client information and also to make certain other companies protect your data with equal vigilance.

All of these cyber threats can be damaging, and some can result in cyber ransom, which has been on the rise. It often starts with demands for small amounts of money that increase after initial payment. Many companies now retain 'White Hat' (ethical) hackers to test systems in order to find and fix weaknesses to improve security before the criminal hackers attack.

Edit Module
Charles Tendell

Charles Tendell is a cyber security expert and CEO of Azorian Cyber Security (http://azoriancybersecurity.com) in Denver and Monument. His email is Charles@Azoriancybersecurity.com.

Get more content like this: Subscribe to the magazine | Sign up for our Free e-newsletter

Edit ModuleShow Tags

Archive »Related Articles

Roche Awarded Weld County Jail Expansion

Located at 2100 O Street in Greeley, the Weld County North Jail Complex is currently 217,568 square feet and houses 779 beds, plus the associated administrative and support spaces.

Late Season Snow Slows Dipping Occupancy in Colorado Mountains

Boosted by plentiful snow, the month of March finished up 0.5 percent compared to last year at this time and helped drive an aggregated 1.7 percent gain in revenue for the season as of March 31.

Bringing a Disruptive Business to Colorado

With Carvana, we can't save you from spending a Saturday in I-70 skier traffic, but we can save you from a Saturday of drinking coffee from a Styrofoam cup at an area dealership waiting for a salesman to "check with his manager."
Edit ModuleShow Tags
Edit ModuleEdit ModuleShow Tags
Edit ModuleShow Tags Edit ModuleShow Tags
Edit ModuleShow Tags Edit ModuleShow Tags
Edit ModuleShow Tags Edit ModuleShow Tags