Tag Archives: Mobile

No Matter Your Industry, It’s Time to Take Cybersecurity Seriously

Robert_HerjavecShark on ABC’s Shark Tank, Founder of Herjavec Group, Bestselling Author of You Don’t Have to Be a Shark

 

We’re seeing more breaches, more endpoints, more technology, more connectivity. The key word is MORE. Given this level of interactivity, cybersecurity has experienced a surge over the past five years and shows no signs of slowing down

Here are the top cybersecurity topics you should be speaking with your executive and IT teams about to support your emergency preparedness planning.

1. Ransomware: Holding your information hostage

Ransomware is a malicious software that allows hackers to access a company’s computers, encrypt information, and then demand payment in order to decrypt it. Vulnerabilities are often exploited in third-party software including Microsoft Office, Adobe and various graphic files. McAfee Labs reported 58% growth year over year in ransomware in Q2 2015 (~ 4 million samples). Herjavec Group does not advocate for paying out or negotiating during a ransomware attack. It is recommended that all organizations have an asset back-up strategy in the event they need to recover critical information.

Ask yourself: what is our asset back-up strategy? When was the last time we classified our assets or did an inventory of our critical information? Do our employees know what to do in the event their system is compromised?

2. Mobile Malware: Take control of your mobile devices.

Multiple best of breed vendors have reported an uptick in mobile malware as part of their 2016 predictions reports. Herjavec Group is focusing on the prevalence of these issues across Android devices in particular. The attack surface is growing as more individuals and corporate customers are adopting Android technology. Unfortunately in many instances, this operating system requires carrier updates in order to issue a new release. The lengthy lifecycle of each release provides ample opportunity for hackers to exploit existing vulnerabilities before the update occurs. To mitigate the risk, it is recommended that individuals ensure their mobile devices are up to date with the latest available operating systems information and files.

Ask yourself: do we understand the scope of the endpoints connected to our network? What is our BYOD policy and how do we ensure updates are pushed across our team?

3. Cloud: Is it time to move?

Moving assets and technologies to the cloud presents a scalable, cost-effective solution offering improved visibility, and the opportunity for proactive analysis. Unfortunately many organizations are challenged to advance cloud-based projects due to concerns over control, regulatory compliance, and overall security. To manage risk, we recommend developing a benchmark to measure cloud application usage on a regular basis (ex: track progress against risk targets, report cloud trust ratings quarterly, report new cloud services in use monthly). Herjavec Group offers various cloud consulting services including vulnerability assessments, web application testing, and penetration tests.

Ask yourself: Do you know what cloud technologies are being used in your environment? Do you know what good looks like? What metrics do you use to measure security and efficiency in the cloud? How frequently are you circulating these metrics?

4. Employee Awareness: Your employees are your biggest threat.

Spending on security technology is not sufficient as many reports indicate that employees and not firewalls are the No. 1 threat vector today. Organizations must consider how they are protecting their employees’ endpoints when they leave the corporate environment for business travel or to return home. It is anticipated that home networks will become targeted as hackers attempt to infiltrate corporate data being worked on remotely. You must also evaluate what training and awareness programs you offer to ensure your employees are invested in the protection of your organization’s vital assets. Herjavec Group can provide an outline of appropriate educational materials for your team or help administer a cybersecurity awareness seminar for your organization.

Ask yourself: when was the last time your team underwent security training? What access do your employees have to the internet within the workplace or from their connected mobile devices? What restrictions are in place?

In light of the dynamic and ever evolving cybersecurity landscape, it’s highly recommended that organizations have a security framework in place. When things go wrong, there is a tendency to panic and act irrationally. Developing a security framework and ensuring it’s communicated to all of the appropriate stakeholders within your organization can help maintain the sense of calm required to get your business back to standard operations as efficiently as possible. Here are the questions that need to be addressed by your Security Framework:

  • What happens when you hit the panic button (ie: will it work, who do you escalate to? What’s the disaster recovery plan?)
  • How many risks are being taken to run tech operations (ie: layers of security control, are all systems protected equally?)
  • Where and what is your sensitive data (ie: can you identify what has been lost in the event of a breach? Back up and recovery plans?)
  • Visit HerjavecGroup.com for more information on recommended cybersecurity discussion topics or to review Herjavec Group’s Ten Point Plan for security preparedness.

    To your success,

Security Concerns That Entrepreneurs Should Address

db6056bb-94d8-44e3-8369-de8ce117d89f-mediumWhen it comes to running your own business, there is no end to the number of obstacles and obligations that today’s busy entrepreneurs need to take care of. However, one of the most important things that every entrepreneur needs to remember has to do with security. In today’s market, security has become a major challenge for all types of entrepreneurs, in all different industries and from all different walks of life. Understanding what these security threats are and why they are important is essential information for every entrepreneur to know. After all, the more you understand, the better equipped you will be to ward off these security threats moving forward.

Cyber Security
There is perhaps no more dangerous type of security threat present in our market today than cyber security. There are so many entrepreneurs who simply don’t have enough of a tech background to really understand cyber security, what it is, what it entails and why it is so risky. Hackers from anywhere in the world can easily hack into your computer system and steal important information from you and from your clients and customers, without you ever knowing. This is why it is so important to hire a cyber security professional to make sure your networks and your systems are safe.

Security Personnel
You can never put too much emphasis on security within your business. If you want to make sure that your customers and your employees are always safe, particularly if you live in a busy area, then you need to have security guards on staff. You would be surprised by how many threats and issues that can be resolved by simply having security personnel on the grounds. Many business owners underestimate their need for security personnel at their place of business; however, Dave Ngo of AlertSecurityandPatrol.com says, “People have a sense of security when a security officer is present.  They are an extra set of eyes for personal, property, and asset protection.  Customer’s would feel more comfortable with security present which will enhance their work, entertainment, or shopping experience.”

Surveillance Systems
Surveillance systems are some of the most important features to have in your business. Whether you are looking to find out who broke into your business or if an employee is jeopardizing your company or your money, there is no better way to do it than with live video footage. Installing a surveillance system in a building is actually easier and more cost effective than many people think. Make sure to have a sign somewhere in your business letting people know that you have cameras on the premises, many times, the sign alone can do a great deal of good in preventing incidents from happening.

Implement Mobile Security Systems
Today, it seems as though people use their mobile phones more than they use virtually any other piece of technology. Yet, very few entrepreneurs take the time to make sure that their mobile devices, and the mobile devices of their entire staff are safe from mobile apps. A recent study found that most organizations allow their employees to download apps to their work devices without vetting them first, this means that there could be a number of viruses coming through to your work devices. Mobile security is about more than just devices though. Mobile content, apps and sharing data through mobile devices can all put your company at risk.

While most entrepreneurs likely feel that they already have more than enough on their plates with running their own business, it is important that they also take the time to take additional security measures to keep their business, their money and their employees as safe as possible.