Knowing the emerging and continuing trends of threats in cybersecurity gives us an idea of where to start improving for the new year. Cyber criminals historically have followed the trends of the majority of the cyber community. Their goal is to negatively impact as many individuals and corporations as possible. With that said, it is great to know the threats, but even better to know how to mitigate the threats that come across to you as an individual and as an employee.
Existing and Emerging Trends and Threats
“Just like legitimate businesses, fraudsters are planning ahead for 2013,” said James Gifas, head of RBS Citizens Treasury Solutions. During, and just after the holidays is when many fraud schemes pick up, as more people feel stretched with greater year-end expenses. Gifas warns companies that they might have several blind spots they’re not considering, particularly when it comes to employee fraud, according to an aritcle by Chad Brooks of Fox Business.
Here are a few ways you can protect your business and the organization you work for.
1. Create strong passwords:
Hackers have more processing power to crack passwords than ever before. With that said, ensure that passwords are complicated and include a combination of uppercase letters, lowercase letters, digits, and symbols that aren’t easily searchable. – Chad Brooks, Fox Business
2. Store passwords safely:
The strongest password in the world won’t protect an account if the perpetrator can read it from a slip of paper that has been placed in a desk drawer. Keep passwords behind lock and key. – Chad Brooks, Fox Business
Keep passwords secure with password keepers such as RoboForm or Keepass. Employees and individuals can store their passwords and only have to remember that one complex password that they created for the password keeper. Excel spreadsheets, post-it notes, and other insecure methods for storing passwords are fully discouraged. – Kristin B., CSID
3. Continued and increased employee security training:
Many fraudsters find it easier to trick a person into revealing account credentials than to hack into a computer. Training employees to not provide any user name or password information over the phone or email is a vital measure of protection. – Chad Brooks, Fox Business
4. Locking computers:
Ensure employees are locking computers each time they leave their desk, even if they are just stepping away for a minute. – Chad Brooks, Fox Business
5. Know vendors:
It is wise to conduct some due diligence around new vendors or other payees. – Chad Brooks, Fox Business
6. Surprise Audits:
Surprise audits are a good way to detect and deter occupational fraud schemes so that funds can’t be manipulated ahead of scheduled financial reviews. – Chad Brooks, Fox Business
7. Vacation policies:
Making sure that there are periods of time in which employees are away from their desks and have their records available for oversight has been supported by financial regulators for years, but all companies benefit from this policy. A one- or two-week window can provide the additional transparency needed to expose internal fraud. – Chad Brooks, Fox Business
8. Dual Approvals:
Implementing processes that require dual approvals for escalated privileges is an easy way to minimize certain fraud risks. – Chad Brooks, Fox Business
9. Company Money Access:
Do not have company checkbooks out in the open, as it leaves bank account information visible and increases risk of theft. – Chad Brooks, Fox Business
10. On-site Collections:
Outsourcing collections mitigates risks that emerge when receivables checks are lying around the office. – Chad Brooks, Fox Business
Take a look at the full article from Fox Business. You can also check out CSID’s blog post recapping the Top Security and Identity Stories of 2012.
How to protect yourself and your company
These tips can turn out to be very useful in preventing an attack on your personal or professional life. With cyber security threats expected to increase, make a point to increase your mitigation tactics.
Share your tips for protecting your business with us on Facebook and Twitter.