accountants and business advisers
Chief Executive Officer
09 Jul 2019
Sometimes “sound bites” help us to remember actions we need to take. With this edition of Cyber Roundup, some readers might consider the following statements made in this issue as good advice which, if heeded, can help to secure your cyber peace of mind:
Security and privacy by design and by default is a philosophy every company should embrace and every consumer should expect.
The following is a rundown of what happened during the month of May 2019. We welcome your comments, insights and questions.
Tom’s Takeaway: Patching is by far one of the most important things every company – big and small – should strive to do quickly and consistently. I am often asked what are the key areas we should focus on. Patching is one of the top items on that list.
Tom’s Takeaway: For many businesses, cybersecurity isn’t an issue until it is. It’s when the breach occurs that management will reflect on what they should have done. Don’t fall victim to this approach; rather, be proactive. Cybersecurity is no longer an expense to your business, it is your business. Until all businesses adopt this mentality, issues like the City of Baltimore will continue to occur, having an impact not only to the business and the bottom line, but more often than not, the personal lives of those they employ or serve.
Tom’s Takeaway: When it comes to ransomware, the reason it is so dangerous is because of the limited options the victim has. In most situations, unlocking the files without paying is not likely – it doesn’t matter who you call for assistance. The ransomware is designed to use industry standard encryption – the very encryption used by businesses to protect their data from the criminals. Once infected and you want your data back, you either have to restore from backup or pay. What many businesses find out when it is too late is that they either don’t have a backup or they don’t know how to restore the data in a timely manner. Data backup and restoration strategies are core components of every assessment we perform and are key questions that senior management and the board should be asking.
Tom’s Takeaway: Security and privacy by design and by default is a philosophy every company should embrace and every consumer should expect. This vulnerability is as basic as it comes in the realm of web security. Issues like this are the result of not factoring in security to the development lifecycle and not sufficient and prudent testing relative to the sensitivity of the data the website provided access to.
Source: PKF O'Connor Davies
For more information on how our services can help your business get in touch.