alt tag

Posts Tagged ‘security risk’


Which Industries Are Most Likely to be Targeted with Cyber Security Threats?

Monday, May 21st, 2018

To understand why some industries are targeted in cyber attacks more often than others, it’s important to understand what drives hackers and what makes a target appealing. Of the two, hackers are easier to understand:

According to a Verizon data security report, roughly 70 percent of attacks are financially motivated, and around a quarter of attacks are for espionage purposes. The rest tend to fall under the categories of personal grudges, ideological attacks, and “just for fun.”

A prime target for an attack will have some of, if not all of, the following qualities:

  • Works with important, confidential data
  • Possesses valuable information (not just financially)
  • Service disruptions require urgent action to restore access or information security
  • Target has substantial financial assets
  • Target has the financial means to pay a ransom

Businesses in the following industries often find themselves on the receiving end of a security attack because they are considered high-value targets.

1. Finance

As the financial industry works with money, it should come as no surprise that it is the most popular target for hackers. This industry is the target in 24 percent of all attacks, which are almost exclusively financially motivated. These attacks often try to compromise credentials so hackers can steal money through a second-step. Businesses in the finance space should make IT security a priority because attacks are less a matter of if and more a matter of when.

2. Healthcare

Hackers often look to exploit the urgency in the healthcare industry for a financial payout: This industry receives 15 percent of all attacks. In particular, ransomware accounts for 72 percent of all malware attacks on hospitals. The healthcare industry is singled out because disruptions to data access could put patient lives at risk, and hackers could be looking to exploit legal penalties for underprepared businesses losing data.

3. Public Sector

The public sector is a popular target because of the information it stores: Around 12 percent of all attacks are on this industry. Financial motivation only accounts for 20 percent of attacks on the public administration segment of the industry; instead, espionage is the motive in 64 percent of cases. Hackers are often trying to steal confidential information from government operations, but they still may try to go after schools with ransomware to earn a quick payout. Criminals may also target public sector operations because they believe the organization is under-resourced in IT security.

4. Retail and Accommodations

When combined, the retail and accommodations industries comprise another 15 percent of cyber attacks. In particular, 96 percent of retail attacks are financially motivated. These attacks often target payment and personal information that can be used to either directly steal money or play a role in identity theft.

5. Everyone Else

Just because your business isn’t in the four largest targeted industries, you shouldn’t fall victim to a false sense of security. Other businesses still account for 34 percent of attacks. In fact, overconfidence in existing security practices can make the difference between a failed or successful breach.

The IT experts at MPA Networks can help your Bay-Area business secure its internet-facing operations to help keep your information safe. Whether you’re in finance, healthcare, or another industry, MPA’s experience can improve your defenses. Contact us today to learn more.

7 Ways to Keep Work Secure on Employee Personal Devices

Monday, May 14th, 2018

Technology improvements have made it easy for employees to get work done on their personal devices from anywhere. However, that freedom comes with additional security risks and requires extra diligence to keep data secure. Safeguarding information is a combined process of utilizing technology and educating staff. The following considerations will help your business keep work secure on employee personal devices.

1. Always Update/Patch Software

Hackers invest time trying to find new ways to bypass security or take advantage of personal apathy and laziness.

According to PC World, failing to install the latest patches and updates for software is the top security risk for both business and private use.

Hackers can look for known exploits that the software creator closed and use them against people who haven’t updated the software to close that security hole. Unlike with business-owned devices, your business really can’t force employees to install software that will prompt updates, so it becomes a matter of training.

2. Use Cloud Apps

Cloud applications for both computers and mobile devices offer some excellent security benefits for your business, especially when your employees access them on personal devices. Cloud apps shift much of the data security burden to the server side, which alleviates many of the security problems that could come from traditional apps run on employee devices. Cloud email is an excellent example of this because the server can handle scans for phishing, malware and other malicious attacks before the content ever makes it to the employee device. Cloud apps generally run the most current software versions, so your business won’t have to worry about employees running updates.

3. Encourage Strong Antivirus and Anti-Malware Practices on All Devices

While employees don’t need to use the same security software your business runs on their personal devices, they do still need quality security software. There are many free and low-cost security programs for personal users that provide excellent protection. Your IT staff can help make recommendations for employees on personal devices.

4. Train to Avoid Phishing Scams

While security software and cloud apps do a great job of catching phishing scams, some still might slip through. That’s why it’s important to train your employees in how to identify and avoid phishing scams.

5. Use Strong Passwords, Password Managers and 2-Step Verification

Employees should also keep their accounts secure by using sophisticated access credentials. This means using 2-step verification for all accounts and programs when possible and using password managers to protect their credentials. Employees should be trained in creating strong passwords in the event that more advanced security techniques don’t work.

6. Practice Public Wi-Fi Safety

In general, employees should avoid using public Wi-Fi when working with confidential information. If employees are going to do work on Wi-Fi outside of the home or workplace, they need to be trained in identifying fake access points and how to tell if a library, restaurant or other business’s network is secure.

7. Consider Using Remote Wipe or Lock Software

As a final effort, your business should encourage employees to install software that allows them to remote wipe or lock mobile devices and laptops they are going to use for work purposes. That way if someone steals that device, the damage will be limited to the financial loss of the hardware and not related to a data security breach.

The IT consulting experts at MPA Networks can help your business implement both software and training practices to help keep your data safe when employees use their personal devices for work. You can read our previous blog on tips for managing remote employees for even more information on keeping data safe. Contact us today to learn more.