A data breach can be a devastating event, affecting a company financially and damaging its reputation with customers. But as a director or officer at your company, you face litigation risks based on the decisions you make following a breach and on how you influence cyber security policies, as these are often considered board-level issues.
High-profile cyber attacks on companies such as Target and Sony have generated national headlines and have raised awareness of the growing threat of cyber crime. Recent surveys conducted by the Small Business Authority, Symantec and the National Cyber security Alliance suggest that many small business owners are still operating under a false sense of cyber security.
With the severity of cyber attacks increasing on what seems like a daily basis, governments are now stepping in to provide guidance and keep the general public both safe and informed.
No company, big or small, is immune to a data breach. Many small employers falsely believe they can elude the attention of a hacker, yet studies have shown the opposite is true. According to the Symantec SMB Threat Awareness Poll Global Results, 40 per cent of the data breaches in 2011 were at small to mid-sized companies.
In part 2 of our Cyber Criminal Attack Strategies, we take a deep dive on the most common methods used by cyber criminals to gain access to sensitive data or funds.
While the content of phishing and spear-phishing emails can vary, cyber criminals often employ similar strategies and tactics. Using these methods, phishers have proven repeatedly that they can affect users regardless of their position in companies, presumed level of technical expertise or employment field.
Often, the terms phishing and spear phishing are used interchangeably. However, there is a key distinction between these two types of attacks, and it’s important to have some basic background knowledge.
Whether your business is a Fortune 500 company or a small, family-run business, data security needs to be a top priority. Small and medium-sized businesses are becoming more frequent victims of data breaches, whether through their own negligence or the efforts of malicious attacks.
Statistically one in five Canadian businesses will fall victim to a cyberattack. Whether sensitive information is compromised from a lost or stolen device, human error or hacked network, the tactics used by cyber criminals are becoming more sophisticated, making it harder to detect a threat.
Rob Labbe, a Canadian, is the co-founder of the Mining and Metals Information Sharing and Analysis Centre. When addressing the topic of cyber security, Labbe admits, “traditionally, mining (cyber) security hasn’t been seen as a major priority.” The reasoning for this is that he partly suspects "there’s an attitude of ‘nobody’s after us. We have nothing anybody’s interested in.’ That was the prevailing sense of the board room” until Canadian-based mining companies started getting hacked.