It’s not just businesses that are the victim of cybercrime, public city and county organizations are being attacked now as well. In many business cases, sensitive data like credit card numbers are released. In the realm of public organizations, constituents’ valuable personal information (even social security numbers) can be retrieved by the thieves. At the same time, these hackers may have the power to halt major processes entirely, such as restoring certain utility services for the public. Here is why it is important to keep your organization’s cybersecurity up to date.
1. Damage to business and cost.
If your organization falls victim to theft, there are many payouts or settlements that you could potentially be on the hook for. In addition, your service is generally halted for several days, negatively impacting your profits and your reputation with your clients. This could result in a reduction of repeat customers, or a reluctance from other vendors to do business with you.
2. Stealing sensitive data.
This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems. In early September, Dorchester County, South Carolina announced that a phishing attack earlier in the year compromised sensitive information of its residents. Even county governments are prime targets!
3. Technology rapidly changes.
It’s important to keep up on security updates, new threats, and general cybersecurity news. For example, the Office of Management and Budget released an early version of its Federal Zero Trust Strategy that supports President Joe Biden’s executive order “Improving the Nation’s Cyber Security,” which was issued back in May. This mandated that federal agencies and civilian companies that do business with the government (like fleet and asset management organizations) must move toward a zero-trust cybersecurity architecture. This architecture moves from previous single sign-in systems towards continuous identity verification systems. This includes multi-factor authentication, repetitive multi-step verification, and sender-recipient encryption.
4. Keeping browsers up to date.
Browsers are one of the first suspects when a hack has been discovered. “Who clicked a suspicious link? Who navigated to a website that they shouldn’t have? To help prevent new zero day exploits for your end users who use AssetWorks, it’s important that your organization and your contracting organizations keep their browsers up to date.
5. Changes in environment.
As the world changes and moves towards more working at home, it’s more important now than ever before to protect end users working with sensitive data. Suddenly, users are on home networks, public networks, borrowed neighboring networks (regardless of what your work from home policy might require). It’s nice to imagine that these users have all updated their router firmware, are using the top-level encryptions on their Wi-Fi networks, and have complex passwords, but there is no guarantee. They are still the first line in defense for your organization, so they need to be educated on ways to be safe at home.