We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Since July 2020 alone, both Canon and Garmin were among those to hit the headlines after suffering ransomware attacks. Canon’s online systems were breached, taking down its US website and possibly facilitating the theft of large amounts of personal data. In the case of Garmin, the attackers used malicious software to encrypt the files on its corporate network and demanded a ransom be paid in order for the files to be decrypted. This trend is concerning, particularly with much of society conducting almost all aspects of their lives online in the current climate.
Unfortunately, the frequency with which these incidents appear to be taking place is causing many people to become desensitised to them. In fact, there is a growing belief among consumers that their data will eventually be breached, but this is paired with the expectation that organisations, such as banks, retailers and travel companies, will ultimately have the protections in place to safeguard that data. And, if their details do get leaked, there’s an expectation that through credit card protections or regulatory insurance, the consumer will be protected (reimbursed) from the financial losses when the loss is through no fault of their own.
With consumers now using a growing range of online service, from banking to grocery shopping, arguably more so now due to the COVID-19 pandemic, they are increasingly expecting businesses to protect them and their data. In fact, 72% of consumers believe businesses, not governments, are best equipped to do this. Consequently, organisations need to do more to protect consumers’ data and give them the peace of mind that even if they do suffer an attack, they won’t be personally impacted. This requires businesses to begin to proactively monitor for threats.
Understanding vulnerabilities
For brands to protect their business and customers against the threat of cyberattacks, it’s vital they understand where their vulnerabilities lie and where threats may be coming from. Getting ahead and identifying any weak spots early in a brand’s online presence will in turn allow organisations to gain a comprehensive view of any vulnerabilities and creates an awareness of the types of threats they are facing before they can happen.
As part of this, it’s essential that businesses monitor all the different avenues through which threats could arise, such as the Dark Web and other online platforms, to understand whether their brand is being misused and how it’s happening and enable them to take action. For example, by using a Dark Web monitoring service, businesses will be able to see whether their IP address has been listed for sale which would indicate that they may be vulnerable to being hacked or compromised.
Raising employee awareness
Businesses must also educate their employees to ensure they can recognise the different types of threats they may be susceptible to and how they can escalate. Malicious emails are one of the most prevalent threats for businesses, with small businesses receiving an average of one malicious email in every 323 sent and 76% of businesses have reported that they were a victim of a phishing attack in 2018. Unfortunately, employee-targeted phishing scams are often the gateway to Advanced Persistent Threat (APT) attacks which can lead to businesses being infiltrated by malware to steal intellectual property, including customer data.
To better protect themselves, organisations should increase awareness of how different individuals may be targeted, such as accounts payable being targeted by scams that impersonate senior executives asking for money transfers. Meanwhile, payroll employees may be asked for tax records which contain a lot of personal information about employees, and HR may receive PDFs disguised as CVs but that actually contain malware.
Businesses need to get one step ahead of attackers by educating employees to recognise phishing attacks and threats and the different avenues hackers could take. This should include introducing processes so that employees know how to check if emails are coming from a legitimate source.
Take responsibility for consumer protection
It is the obligation of organisations to do all they can to keep consumer information safe especially as many ask customers to store their credit card details with them in order to make the processes of purchasing items as quick and simple as possible. They will be best able to protect both their business and consumers by taking a proactive approach to cybersecurity whereby they educate employees and consumers, introduce new protocols, and monitor their brand for threats.
