Understanding what intruders want is the first step in planning to prevent cyber threats from exploiting business and organization online operations, said panelists Thursday at the 2017 Wyoming Broadband Summit.
Experts in dealing with cyber security threats in Wyoming presented their views as members of a panel on “Cybersecurity – Investing, Growing, Planning and Understanding.” Panelists said not all cyber attackers were looking for the same information.
For a hospital, it might be personal information tied to treatments; for a business, it could be transactions that are needed to keep that business running; for an individual, it may be credit card or bank account access.
“You have to understand what data you have that they want,” said Sean Sanchez, of Optiv Solutions, a cybersecurity firm.
Phishing scams are the most common cybersecurity threats facing enterprise, panelists said. Lack of a cybersecurity plan, or not following one, was another problem.
James Drever, a regional director for the Wyoming Small Business Development Center, said bad password management was a problem he often finds when helping clients with less than 50 employees that have suffered a cyber-attack.
“It’s common for people to use the same password everywhere,” Drever said. “I’ll have them check a website called haveibeenpwned.com to find out if their email password has been ‘owned.’ Most of the time I can go to that website and find that they’ve been owned. And those are just the ones we know about.”
Failure to have an adequate back up system is another common issue for small businesses, he said. Backing up data is essential to recovering from a cyber-attack or even a fire that may destroy a business. But that backup can’t be on the same premises as the business. If not using a cloud-based backup, then use an external drive but take the business drive home and take your home backup drive to work after updating.
Robert Pettigrew, director of Information Services/Clinical Engineering for the Wyoming Medical Center in Casper, outlined how a cyber security plan helped the hospital work through the aftermath of an email phishing scam that only hit two computers but left the system down for 10 minutes. Security protocols helped prevent the spread of invasive software, but it was discovered that information connected to 2,000 patients might have been compromised. That triggered a federal review of the hospital’s cyber security operations, but thanks to a management and recovery plan that it was in place, the hospital was cleared of any violations. It still cost the hospital several hundred thousand dollars over a couple of years to satisfy federal reviewers.
Because of the phishing scam, Pettigrew said the hospital convinced employees to use two-factor authentication for their email accounts to reduce the possible of a repeat incident. Cyber security training has also been stepped up.
Sanchez and Mike Borowczak, University of Wyoming Cybersecurity Education and Research director, said researchers at higher educational Institutions can be reluctant to place security protocols on their research because it slows down work.
“The federal government is requiring cyber security protocols as part of grants,” Borowczak said.
Asked by moderator Dave Ritz, U.S. Department of Homeland Security in Cheyenne, what the federal government could to help improve response to cyber threats, the panelists responded that more timely information would help.
“Vulnerability and exploit information should be shared faster,” Sanchez said
Ritz agreed, but said that national security considerations and bureaucracy can slow down the information flow.