5 lessons to learn from 3 Midwest case studies
You’ve heard it before. It’s not a matter of “if” your business might become the subject of a cybersecurity threat, it’s “when.” That includes those of us living and working right here in the greater Kansas City area. Whether you manage one office with only a handful of employees or a financial institution with branches across the state, it’s time to get serious about your security.
Think your business is safe? A government office, a university and a health care system did too. Here are their cyber stories and what you can learn from them.
3 Midwest Cyber Threat Case Studies
1. Organization: Platt County Commissioners Office
Threat Type: Email Spoof
What Happened?: The treasurer received a replicated email from an internal contact, authorizing a purchase via wire fund transfer. Soon thereafter, the manager realized it was not a valid request and began the process of trying to recover the funds.
Consequences: The email spoof led to a $48K mistake. The incident caused a tremendous amount of internal strife surrounding the responsible parties. An abundance of finger pointing at individuals and processes caused significant disruptions to daily workflow.
2. Organization: Rockhurst University
Threat Type: Phishing email
What Happened?: A human resources team member unsuspectingly opened an email that gave a cybercriminal access to the school’s network, including 1,300 employees’ personal information and W2s.
Consequences: Along with a large, unexpected expense to the university, all employees were instructed to acquire online identity protection. They will need to diligently watch for personal information misuse for years to come.
3. Organization: KVC Health System
Threat Type: Ransomware
What Happened?: A network hacker infiltrated KVC’s health system environment. Although a cybersecurity “cleanse” was attempted, the secondary spread worked its way into backup files and ultimately encrypted all database information.
Consequences: For the next 45 days, employees worked “pen and paper” style. This included payroll, medical records, caseworkers’ notes, client histories and accounts payable. Several database components needed to be re-created from scratch. It led to widespread disruption of service protocols with significant losses in productivity.
5 Takeaways to Better Secure Your Business
In our recent infographic, we shared the foundations of an intentional, layered security plan for businesses.
Don’t become a case study for others to read about. Use these 5 action items to protect against cyberthreats.
- Build “layered’ security
No one solution offers a “silver bullet.” Backups and firewalls do not cover every threat. Some security experts point to over a dozen opportunities for layered security. Within each layer exists thousands of strategy approaches. Work with an experienced IT professional to find the right set of solutions that fit the way you do business.
- Provide ongoing employee training
Sure, a half-day training session can educate your staff about security best practices. But it is even more important to include ongoing training as part of your corporate culture. Consider hiring an experienced firm such as Network Tech. In addition, the Department of Homeland Security (DHS) offers training services.
- Investigate cybersecurity insurance
Cyber insurance protects businesses and individual users from internet-based risks and, more generally, from risks relating to information technology infrastructure and activities. Coverage can vary widely from provider to provider and requires a detailed look at what might not be included. Network Tech can help you assess your best options.
- Run a business continuity and disaster recovery (BCDR) drill
Business continuity and disaster recovery includes a set of processes and techniques used to help an organization recover from a disaster. Hire a firm like Network Tech that offers years of expertise helping companies identify areas of vulnerability.
- Maintain security patches
A timely patch management plan is critical to maintain the operational availability, confidentiality and integrity of IT systems. This especially holds true for Microsoft Windows and firmware products.
No company is too small to become a target. The negative consequences can run from just a mild irritation to bankruptcy. Most cybercriminals aren’t targeting companies specifically, just looking for opportunities by blindly scanning the internet. It’s important to assess your potential for becoming an “opportunity” to them and for how you will be alerted if a data breach arises.
Secure Your IT with Network Tech
You need sound advice to build a layered security infrastructure to keep your employees and your data safe. Network Tech can provide you the guidance to decide which solutions are right for your business. Download our infographic identifying the key components of a layered IT security approach.Call us at 913-538-7700 or contact us online and let’s talk about what’s best for your business.