By Tammy Murga
Signal Staff Writer
More than 100 business leaders gathered at the Hyatt Regency Valencia on Tuesday to learn how best to address a cyber attack with affordable, practical solutions.
For its monthly business luncheon, the Valley Industry Association held a presentation titled “Cybersecurity in the Workplace.”
Dr. Bruce Burton, co-chair of Cal Poly’s Advisory Board for Cybersecurity of Critical Infrastructure and advisor to the Cal Poly’s California Cybersecurity Institute, offered the presentation geared toward strategy-driven decision makers.
“My job here today is to accelerate your understanding of some of the practical ways that you can protect yourself without having to go through the worst moments,” said Burton.
Cyber attacks have become more frequent, and their sophistication is also increasing, costing businesses millions in losses.
Over the past five years, the dollar value of reported attacks has exceeded $5 billion, according to a recent FBI internet crime report shared by Burton during his presentation. The data highlighted that California alone experienced more than $200 million in losses in 2017.
While these figures are high, Burton believes they may be significantly higher as cyber attacks are one of the most underreported crimes, where only 1 in 10 crimes is reported.
Past surveys taken by thousands of U.K. and American IP security practitioners have shown that the No. 1 greatest cyber threat to a small business is their employees due to a lack of training.
“The good news is that many of these things can be dealt with advanced training and oversight,” said Burton.
When a cyberthreat hits
Burton provided examples of past breaches including the 2013 cyber attack Target experienced, which affected more than 41 million customer payment card accounts.
The retail giant acknowledged it could have done more to prevent a hack that impacted millions, which occurred through credentials stolen from a third-party vendor.
As a result, data breach expenses tallied $100 million, a 5.5-percent sales drop in transactions and a tarnished reputation. Target’s CEO Gregg Steinhafel also resigned after the massive hack.
While this happened to one of the largest businesses around, 71 percent of breaches target small companies, which Burton found was the largest represented at the presentation.
Cyber attacks are becoming more intricate but there are steps leaders can take to address a threat and protect their business.
Here is a list Burton suggested:
- Know your state laws
- Limit employee and third-party access to sensitive assets
- Ensure industry-standard security practices protect customer data
- Do not ignore the warning signs of a breach
- Provide proper training for employees
- Have a backup system to store computer data
- Beware of broadly worded cybersecurity and data protection exclusions
- Review and negotiate cybersecurity policy terms