The Most Important Benefit
Cybercrime is the number one crime in the world according to the Cybersecurity Infrastructure Security Agency (CISA) and is expected to reach over $10 Trillion in damages by 2025. The trend is expected to continue rising for many years. The major targets are businesses, employees and their families that have not taken the time to strengthen their cyber security defenses.
When an employee loses their reputation and finances to Identity Theft, it literally turns their world upside-down. It is an exigent emergency that takes them away from work, causes extraordinary financial strain and demands, and requires extensive legal resources to remedy. Most employees have some notion that this is dangerous, but don’t fully understand the impact.
Wouldn’t it be nice to spare them this pain and angst? Wouldn’t it be nicer to have your employee focused and at work instead of calling out in a panic due to this emergency? You can protect them, and protect your business, proactively.
The tools used by cyber criminals include viruses embedded in emails, texts (smshing), ransomware, malware, websites, and other means. Trusted, vetted security tools can prevent nearly all of this, but they are not all the same. Whitelist antivirus, for example, is one of the only tools that can stop previously unknown attack methods including Zero-Day malware and Ransomware. Having a team of experts identify and vet these tools can provide you with significant advantage and overcome the “technology gap.” With more people working from home and remotely it has now become a “target rich” environment for the cybercriminal, particularly because they lack the more common (but expensive) protections in place for larger corporate networks.
Individuals, families, and businesses that have experienced these crimes know the devastating consequences that result from them. All too often people’s life savings are wiped out, and families made destitute.
Many small businesses that have experienced these types of attacks are often out of business within months after an attack as a result because the recovery cost most often exceeds available capital reserves.
So, what is the answer or remedy for this bad news? Well one answer is to build up your cybersecurity defenses so that your business and your employees are NOT easy targets. Cyber criminals (like most criminals) will not spend their time, money or efforts on a business or person if they have a robust defense posture – their goal is to steal, and there are plenty of easy targets to attack if you and your employees become a “hard target.”
That defense begins with your employees’ cybersecurity. They are your first line of defense. If you don’t defend them, they can fall prey to these consequences, and your business will suffer from a loss of staff and potentially a loss of your own assets.
Years ago, miners would take a canary with them when they went into a mine. The canary was the active warning system to warn of dangerous gases. The canary would sometimes die; but it would always warn the miners that dangerous gases were present. But employees are not canaries.
Employees of a company all too often serve as the first warning that something is not right. If a business starts seeing people in their company become victims of cybercrime, that’s a major clue. But at that point, protecting those employees’ costs hundreds of thousands of dollars just for the employee’s recovery of their identity, reptation and correction of their credit score, not to mention the absences and sub-par performance of an employee under such extreme stress. Educating them as to the risk and consequences builds an appreciation for the benefit. Providing protections including proactive security and identity theft coverage will also build loyalty from them knowing that their employer is actively looking out for safety and concern.
Employees working remotely need protection for their cyber assets too, because they likely use their own computers to work from home, and most certainly connect to their home network before they access your company network. If they get a cyber infection and connect to work, they bring that infection with them and likely spread it. But unlike a human, it’s not obvious that the computer is sick, until it’s too late. Protecting them is protecting yourself, in several different ways as we’ve articulated.
You need coverage with vetted, trusted, proper cybersecurity protection. Today, coverage for cyber security protection is no longer a luxury but a necessity for companies and their employees as the statistics clearly show that there are more and more victims every year.
Some companies’ leadership know other people who have suffered cyber-attack and the nightmare of recovery, while others think “It hasn’t been me, thus it won’t be.” The latter perspective is like saying “I’m a good driver, so I don’t need car insurance.” It ignores mechanical failures, road conditions, weather and other drivers, the combination of which are responsible for far more issues than the driver is. We’ve enumerated some of the more serious consequences in this article but by far, not all of them. Since 2005 when it began, the Common Vulnerabilities and Exposures project (https://www.cve.org/) has counted 198,881 publicly known computer and network security vulnerabilities and exposures. That’s an average of 30 issues a DAY since 2005, and the pace is accelerating. And that’s just the Publicly known issues. Ten Trillion dollars damage ($10,000,000,000,000.00) a year by 2025 may be a gross underestimate.
Do what is necessary to get your and your employees protected. Employee coverage should include a NIST Compliant Whitelist Antivirus, Identity Theft program, VPN, Password Manager and Vault and cyber safety training at minimum. As a business owner you probably want to consider becoming compliant with NIST cybersecurity recommendations, the Capability Maturity Model Certification (CMMC) and reviewing which security systems have been reviewed and approved for use by the federal government (FedRamp Certifications).
Remember that criminals will attack the easiest targets and ignore the hard targets until later. The best offense against these cybercrimes is a good defense. This is a case where you DON’T want to be the last adopter in the market. Don’t be an easy Target.
Chris Kirkland, CEO
Doug Gould, CTO
Cyber Team U.S.