More than half of all U.S. companies suffered cyber attacks in 2017 – critical data and infrastructure compromised in the process. And the cost is mind-bending, with estimated costs at $6 trillion a year by 2021.
As these attacks relentlessly rise, it’s crucial to understand what causes vulnerability and what can be done to stay protected. Novus Insight Chief Technology Officer Greg Bugbee delivered that vital message of cyber security to a Jacksonville, Fla. chapter of the Building Owners and Managers Association (BOMA) International last week. BOMA is an international federation of over 90 local organizations and 19,000 members that own or manage more than 9 billion square feet of commercial property in North America and abroad.
Bugbee, a Certified Information Systems Security Professional, addressed the latest cyber-attack trends impacting individual and property owners on May 15 at the Deerfield Country Club. He highlighted the biggest risks involved and suggested effective ways to proactively spot and thwart attacks. This included identifying malicious e-mails and popular targets within organizations, as well as best practices for improving an organization’s overall security posture.
“Security is everyone’s responsibility. If a device that you’re working with has an IP address, you have a responsibility to secure it. With connected buildings, it is the responsibility of the owners, maintainers and tenants to understand their role in keeping the environment safe, just as with physical security.”
– Greg Bugbee, CISSP
Chief Technology Officer, Novus Insight
One of the main topics presented was the vulnerability inherent in IoT (Internet of Things) connected devices. IoT refers to the multitude of sensors and hardware devices with internet connectivity that collect and share data. This includes devices installed in homes and businesses such as routers, smart thermostats, WiFi-connected HVAC systems, smart lighting, and security cameras. These all become a potential gateway for someone to gain remote access. Bugbee explained that, without proper setup and monitoring, any device with no or low security that’s connected to a network can be breached. From there, an intruder has an entry point into the entire network of devices, access to private information, a platform from which to inject malicious code into software-driven processes which can bring a business’s daily operations to a costly standstill.
Additionally, Bugbee touched on password complexity and the value of multifactor authentication. Multifactor authentication is a security feature that requires a user to provide two or more forms of evidence (or factors) to prove their identity before being able to access e-mail or other sensitive data. These extra layers of verification make it more difficult for hackers to gain access to data, even if they know your password, and can significantly reduce risks for any individual or organization.
With close to a decade of experience in cybersecurity, risk management, and disaster recovery, Novus Insight takes a firm stance on security and seeks to inform not only its clients but also the public about the risks involved in using lax practices when handling sensitive information.
For more information about cybersecurity or an assessment of your organization, contact:
Carl Fazzina at 860-282-4200.
Image credit: Sean MacEntee/Flickr