When we think of computer hacks and cybersecurity breaches, major retailers like Target, Whole Foods, and Forever 21 come to mind. But small businesses are just as vulnerable, and sometimes less able to recover from having their important data stolen.
“It’s growing at this insane pace,” says cybersecurity consultant Todd Inskeep, “and it’s growing because it’s easy.”
Inskeep shared his insight about protecting businesses from online attacks with Adam Williams, CRE, on the Retail Redeveloped podcast. His 30 years of computer security experience includes working for the National Security Agency, and as an Executive in Residence at MIT. Inskeep is currently a cybersecurity consultant for firm Booz Allen Hamilton near the heart of the nation’s security efforts in McLean, Virginia.
You can hear their entire conversation here:
But what Inskeep calls an “insane pace” will make you do a double take: In the last year for which research was kept, Inskeep says there were more than 780,000 reported ransomware attacks. The year before that, there were 130,000.
Part of the growth, says Inskeep, is due to how much information people store online — on their phones, iPads, home computers with Internet, even their streaming devices like TVs and tablets.
“People put all the stuff they love on their phone,” he says. “People have figured out it’s pretty easy to use that information against us.”
On top of that, people use these devices to run everyday tasks — change the thermostat, close the garage door, and of course, do online banking and paying bills.
“There’s so much you can do with this internet-enabled technology,” says Inskeep, “but unfortunately much of it is designed with very little thought about security and how people might use it in a bad way.”
Very few companies, according to Inskeep, have invested in proper cyber security. Something as simple as an email attachment might infect your entire network with ransomware, as happened recently to Mecklenburg County government. County executives had backed up most of their data on separate drives and were able to rebuild their systems without paying a ransom, as the hackers had wanted.
And that is one of Inskeep’s biggest pieces of advice: Back up your files. Whether you have a business or just a personal computer full of family photos and important documents, back up your files at least once a week on a personal hard drive. That will keep you from losing the data if there is a breach.
Here’s another: “Make sure that you’re using the security features that are built into Windows.” Inskeep says most businesses use Microsoft products, and that brand is good about updating its technology. Keeping current on updates will help keep your computer safe from hackers. This is especially true of email accounts, which can filter out dangerous spam before you are tempted to click on a malicious link.
The third piece of advice sounds familiar, as if it’s something your great-grandmother might say: “When things look too good to be true, pay attention to that little voice in your head,” says Inskeep. In other words, if it sounds too good… It probably is. If a frequent vendor suddenly wants you to send your payments somewhere else, pick up the phone and call them. It’s worth knowing you’re not sending all of your money to someone who will clear out your bank account.
Also, make sure your passwords are strong and secure.
But the best advice is to be aware that cyber attacks can happen to anyone. Be prepared. Inskeep says websites for Consumer Reports, RSAConference.com, and his own company, BoozAllen.com, can get you started. Research institutions like University of North Carolina are a good resource. Cyber Security is a growing field of study that will provide careers for many years to come.
Just get started before you get hacked.
“Think seriously about some of the things that can happen,” says Inskeep. “Make sure you have a plan for when something does happen.”