On Tuesday, Citon hosted FBI Special Agent Lizabeth Lehrkamp as a speaker in its Vital Education Series (VES). Lehkamp, who works in the Bureau’s Cyber Security Division, focused on the”New Normal,” a business model that includes network security as a key component for success and survival. Below are the top takeaways from the event:
1. We’re not talking about network security, we’re talking about your business. In 1975, 17 percent of a company’s assets, on average, were considered “digital.” By 2009, that number had grown to 81 percent. The business world is changing. The “new normal” includes a business model that treats network security as an absolute necessity for prosperity. Those who continue to operate with network security as an “add on” will end up hurting in the long run. This is the new reality.
2. Understand the Risk. When companies are breached, the consequences include monetary losses in more than one way. Costs associated with data breaches reach far and wide… from public relations expenses to, often times, an overhaul of employees. Don’t forget about credit monitoring for customers and the inevitable huge blow to profits due to customer distrust. The list goes on, and in the “new normal,” the threat of a breach is inevitable, no matter the size of the company.
3. It doesn’t matter where you’re doing business — your company has valuable information. Businesses that operate outside the realm of America’s largest cities might feel like they couldn’t possibly be a target. Truth is, they are. Every company stores data that is valuable to someone — whether it be financial information, intellectual property or customer data. Often times, small companies are hacked simply because there’s an opportunity for a criminal to access their network. Those compromising networks actively look for companies that haven’t taken the necessary steps to protect themselves — and they strike at the opportunity to steal information.
4.You are a target. When you’re not being targeted by hackers motivated purely by finances, your company could find itself the target of hacktivists. Hacktivists are activists who use cyber crime to target those they take issue with. Lehrkamp gave an example of one accounting firm that found itself the victim of hacktivists — not because the activists directly took issue with the company, but because they took issue with one of the company’s clients. Without realizing it, they were exposed, resulting in the loss of finances and clients.
5. Need to convince someone within your organization to take network security seriously? Talk about the bottom line. Implementing and operating a sufficient network security plan takes time and resources — there’s no way around it. In the midst of this changing business climate, some asset owners have been slow to recognize this necessity. The truth is, operating a vulnerable network is a great way to lose money. As Lehrkamp put it, Risk = Threat x Vulnerability x Consequence.