Whether you represent a large multi-national enterprise or a small community business, it is clear that every business faces a rising tide of cybersecurity threats. Headlines about major security breaches are daily fodder in our news cycles. Corporate data is attacked, personal identity information is constantly stolen and offered for sale on the “dark web”, holding data hostage for ransom or simply for destructive malice is common, acquiring technology platforms to mount large-scale attacks are some of the threats we read about daily. These threats can leave a lasting impact on businesses in varying degrees, ranging from embarrassment, to theft of confidential corporate resources, to governmental penalties and fines, or can ultimately cause a business to close its doors. While the headlines are typically about large banks, health insurance companies, multi-media conglomerates, small businesses are equally susceptible. Despite all of this daily notoriety about hackers, phishing, face websites, and annoying malware, employees and ex-employees, create the largest threat.
HAWKi has implemented a multi-layered security approach for our clients over the course of several years. Technology solutions are deployed at the interface between the internet interface (firewall), at the operating system level (virtualization), on wireless communications (mobile devices), at your email (spam, malware, phishing, viruses), and in personnel issues such as password management. Human error also create breaches ranging from malicious employees to insiders who are simply careless or uneducated. Hackers are more persistent, more malicious, and more focused on targets today. The massive breaches in nearly every industry have been highly protected by sophisticated systems, yet there are still avenues discovered and exploited on a daily basis.
Because of the “human” factor, it is imperative that companies not only apply multiple layers of technology solutions across several interfaces, employees need continuous education on current trends and methods of protection. With the sophistication and persistence shown today, both technology and education are imperative.
HAWK iSecurity Training focuses on a single element of security: people. By training employees on the types of threats deployed, the targets of these threats, and the results that the breaches can inflict, each employee can be more protective of your businesses resources as well as their own personal cyber fitness. To this end, HAWKi offers a three-tiered approach of continuing education on the cyber threat landscape.
- Dark Web Breach Assessment: First, every enrolled employee will have the ability to assess their information presence on the Dark Web (Dark Web Breach Assessment) for both corporate and personal electronic identities. The Dark Web is where stolen Personal Information offered for sale or purchased for malicious intent. We will scan the dark web to identify employee email accounts that is compromised due to a cyberattack, and are most likely to be a cybercriminal’s next target. These employees could unwittingly let hackers drain business’ bank accounts and cause other damage. This will help identify the need to tighten cyber-security in ways that go beyond standard technological remedies.
- Security Training Topics (Updated Annually): Secondly, training will allow us to help strengthen your defenses against cybercriminals who exploit human errors to steal vital financial data or freeze computer systems with ransomware demands. There are currently seven case studies that will be explored online. Each case study will set a background of behavior; discuss the nature of breach, the targets of the breach, and the consequential damages that resulted from the breach.
- Breach Prevention: Once the employees complete the initial training, we will transition into Breach Prevention – think of this as Continuing Education. In addition to arming employees with tools, this training teaches employees a number of “best practices” for strengthening cybersecurity, including methods for protecting proprietary data stored on mobile devices and for avoiding breach risks when using social media.
- All businesses are susceptible
- Multi-layered technology protection is a requirement, but not a complete solution
- Employee training is critical and must be on-going