While speaking at a non-virtual conference may seem like a thing of the past these days, I did have the pleasure of speaking at the Omnitracs Outlook User Conference in February of this year. During my Outlook presentation, I shared key takeaways on the importance of building awareness of cybersecurity threats and how companies like yours could safeguard enterprise information and intellectual property.
For this year’s National Cybersecurity Awareness Month, I’d like to share some of these vital takeaways for the secure benefit of your business.
Cyber-attacks remain a challenging threat for companies across the globe
Cybersecurity Ventures — the world’s leading researcher and publisher on global cyber-economy topics — recently predicted that cybercrime damages would cost the world $6 trillion by 2021. Breaches, ransomware attacks, and backdoor attacks are becoming more common and sophisticated. These cyber-attacks affect companies big and small and will very often target critical and personal data.
Malicious insiders, non-state operatives, and hackers remain the greatest threats to data security. Globally, companies continue to invest more and more in cyber-protection efforts. From 2016 to 2020, we have witnessed a rise from $52 billion to $132 billion in worldwide information security and risk-management spend.
Percentage-wise, here are the top vulnerabilities facing companies:
- Email: 46%
- Internal network: 10%
- Web browsing: 10%
- Public cloud (IaaS and PaaS): 7%
- Social media: 7%
- Supplier networks: 6%
- Mobile: 5%
- SaaS applications: 2%
- Other: 7%
Transportation trends in the cyber world
Since 2016, the transportation industry has seen significant rises in security incidents and breaches. These attacks are increasing and surfacing for many reasons. While connectivity and advancing technology offer ample benefits, they also open users up to vulnerabilities if they aren’t safeguarding and monitoring their assets.
Wireless, cellular, Bluetooth, and satellite connectivity, computer exploits, and internet-facing networks and platforms can open users up to cyber-attacks without proper protection. I recently shared how trucking and other industries that are becoming more acclimated with technology have seen an increase in phishing and fraud this year. Fortunately, many of the fleets that make up our industry are becoming increasingly resilient — and with the right action, your business can be too.
Concrete actions to take to protect your business
First and foremost, company leaders must change their company narratives and shift their mindset. Technology advancements and hacking tactics are regularly evolving. As such, leaders should maintain a constant learning and cyber awareness culture in their business operations, so they and their teams always remain as prepared and in the know as possible.
With your teams, you’ll want to implement an action plan that includes the following:
- A risk leader
- Identification of your most critical business processes and assets
- A risk assessment
- Segmentation and a zero-trust model to support containment
- An incident response plan
With that mentality, you can begin putting learning into action. Your company’s technology systems should have a defensible architecture to serve as the most robust line of defense. It would also be best to have a thorough incident response plan in place that incorporates preparation, identification, assessment, containment, eradication, recovery, and follow-up procedures should a cyber-attack occur.
For additional insight into how you can remain cyber secure in today’s digitally evolving world, read this recent blog post for answers to your top cybersecurity questions. You can also review these helpful resources from the Cybersecurity and Infrastructure Security Agency.