Corporate IT cybersecurity recommendations from Benjamin Dynkin, 2023
An attack that directly or indirectly targets your customers would be disastrous not only for the customers but also for your company. The public relations catastrophe alone could be enough to ruin the business, not to mention the financial aspect. It could take years for people to trust you again, if ever. We’re not saying you’ve hired any shady characters, but employees are a common source of security breaches: 60 percent of breaches occur within the company, according to a survey by the International Data Corporation [source: Staff Monitoring]. For that reason, employees should be given access to only as much sensitive information as they need to do their jobs, and no one person should be able to access all data systems. Employees should be required to get permission before they install any kind of software on their work computers. Lock up laptops when they’re not in use.
GDPR requires that you inform the appropriate supervisory authority when you become aware of a breach. The supervisory authority should be the one for your member state and is more than likely a government authority. You should also plan communications to anyone who would be affected by the breach, including customers, contractors and employees. Keeping employees aware of the response plan, and informed about the possible types of incidents and the responses to them, will help remind them of their responsibilities to maintain confidentiality and minimize the risk of information being leaked to outside sources.
Be Cautious of Public Wi-Fi. The laws and regulations that govern cyber security in other countries are typically not going to be the same as those found in the US. Free Wi-Fi access can be very appealing for business or leisure travelers but is also particularly vulnerable to security issues. Avoid unencrypted Wi-Fi networks; ask your hotel about its security protocol before connecting to the Web. Be extra cautious using Internet cafes and free Wi-Fi hotspots; if you must use them, avoid accessing personal accounts or sensitive data while connected to that network.
Learn about Phishing Scams. Be very suspicious of emails, phone calls, and flyers. We recently blogged that phishing scams are nastier than ever this year. In a phishing attempt, the attacker poses as someone or something they are not in order to trick the recipient into divulging credentials, clicking a malicious link, or opening an attachment that infects the user’s system with malware, a trojan, or a zero-day exploit. This often leads to a ransomware attack. In fact, 90% of ransomware attacks originate from phishing attempts.
Benjamin Dynkin and Atlas Cybersecurity on data breaches:
A Malicious Insider. This person purposely accesses and/or shares data with the intent of causing harm to an individual or company. The malicious insider may have legitimate authorization to use the data, but the intent is to use the information in nefarious ways.
Lost or Stolen Devices. An unencrypted and unlocked laptop or external hard drive (anything that contains sensitive information) goes missing.
Malicious Outside Criminals. These are hackers who use various attack vectors to gather information from a network or an individual.
Since malicious data breaches result from cyberattacks, you should know what to watch for.