Less talk more action – how to be cybersecure
Cybersecurity is a very broad topic that covers a whole range of technologies and hurdles that need to be addressed in order to keep your company secure. The best defense is preparation and knowledge, and there are few better ways than to learn that from experts in the industry such as Jeremy McMaster, our in-house expert of IT that has been battling cybersecurity threats for over 20 years and has seen the evolution of this behemoth first hand. Below are some of his pointers on how you can keep yourself and your company safe from these ongoing threats.
Interview With Jeremy McMaster
How much of your day is usually spent dealing with security issues?
Jeremy: “The days are up and down it depends on the day. The number is variable however security has become an increased concern of many firms, especially during COVID. There is a rapid increase of cybercrime that is currently happening and as such more and more clients currently have security issues that need to be addressed”
Can you give an example of a common issue you face?
Jeremy: “The most common scam right now is phishing. Hackers are sending emails that seem like they are from legitimate sources like Microsoft, Google, or major retailers. A link is contained most often requesting you to log in to check an order or update some personal/private information. When clicked, the link actually directs you to a website that only looks like the vendor but is hosted on a different URL/server. Unknowingly, the victim will enter their credentials and thereby handing those credentials to the hacker. After that, the hacker has full access to the account and can start using that account to achieve their goals, which never ends well for the victim.”
Do you have any tips for a client to prevent such an attack?
Jeremy: “Training is the biggest thing that every client needs to take more seriously. I often use the analogy – people hire staff and they don’t even ask if they have technical experience or gauge what their experience is, they drop the person in the environment and see what happens. This can be like giving keys to a 9-year-old and letting them drive your car but often as a company you rush and have to do that. ”
What is so of the biggest security issues that you have faced?
Jeremy: “People. It’s not the technology itself it’s the people. Often people and companies will err on the side of convenience and cost-saving over security. That is until something bad happens and then they will decide to implement much higher security requirements. This strategy ends up costing more in the long run.”
Are companies like Microsoft and Google just not keeping up with the increasing cybersecurity threats?
Jeremy: “Microsoft and Google are keeping up as much as anyone else keeps up but the threats are increasing so fast that it’s an ongoing threat. A lot of tools they have aren’t implemented because of lack of knowledge, lack of budget, and abstinence of training their staff further on the threats that arise on a daily basis.”
Do you have any other suggestions for the people reading this blog?
Jeremy: “Here are two things: The first is training. Proper training is key because people are the last line of defense. Most people think that they don’t engage in risky behavior on their work computers; some don’t even give it a second thought. This kind of thinking is very dangerous. Proper training will impress on them the importance that your organization places on security and it will open their eyes to their own bad habits.
All the training in the world is useless, however, unless people start to use best practices in terms of security. Start by choosing one that is the most reasonable for your organization, and implement it. For example, knowing about two-factor authentication is not going to help you; you have to use it. And not just you; everyone in your workplace has to use it. It might be inconvenient, but it will save you and your organization.”
Hopefully, this interview has given you some insights into the world of cybersecurity and the threats which we face today. Although to many it may seem like an invisible enemy, in reality, that enemy may become extremely visible but only when it is too late. Just like you protect your own personal health and vitality so should you act with your business and your technology, whether that is individual technology or business-related.
Good luck and stay safe!