The famous bank robber Willie Sutton, when asked why he robbed banks, reportedly stated “because that’s where the money is.” Today, if you ask a cyber criminal why do you hack into businesses they could just as honestly answer “because that’s where the money is.” Today it may not be cash walking out the door but credit card numbers, intellectual property, and fund transfer authorizations leaving over the network. Unfortunately, many businesses are coming to the realization they haven’t identified their critical information, they don’t know where their information assets are the most vulnerable, how best to protect them, and how to detect and respond to attacks to limit losses. Symantic’s 2015 Internet Security Threat Report reported that 60% of targeted attacks strike small and medium businesses due to their less robust security architecture. Of those small businesses who are subjected to a cyber attack greater than 50% will close within 6 months of the attack. Large businesses should take note as well because many of these small and medium sized business attacks were used as stepping stones to attack large businesses through trusted network connections. Clearly there is much more we need to do and October is a great time to get more involved in making those around you aware of cybersecurity needs.
National Cyber Security Awareness Month began in October 2004, growing out of awareness efforts of the National Cyber Security Alliance, working in conjunction with industry and Government partners. 2015 marks the 12th year programs on Cyber Security Awareness have been conducted across the United States during the month of October. The National Cyber Security Alliance and several partners have a large collection of information you can use at the individual and business level. Take a look and get involved. Here are two great places to start: www.dhs.gov/stopthinkconnect-toolkit & www.staysafeonline.org