Protect Your Business from Evolving Cybersecurity Threats
By Jeff Weeks, Senior Vice President and Chief Information Security Officer
Cyberattacks aimed at businesses continue to grow. An attack can happen quickly—the average time needed to compromise an unprotected computer connected to the internet is just two minutes—and can cause great financial loss.
The types of attacks are also evolving as bad actors infiltrate the cloud, legitimate software, and valid credentials to try to avoid detection. But rest assured that ransomware attacks are still around and resurging after a decline in 2022.
It is important to remain vigilant to protect your business, so let’s explore current cybersecurity threats and tips on how to combat them.
The Top Five Cybersecurity Threats
You want to be on the lookout for scams of all types – new and old – all the time. But five to be particularly aware of right now are:
Nation State Attacks: Microsoft defines malicious nation state cyberattacks as those that benefit a country’s interest. Most of the attempted attacks FNBO sees originate from Russia, China, and North Korea.
Ransomware: Ransomware attacks involve encrypting a company's data and demanding money for its release. A similar tactic involves stealing data and threatening to publish it if a ransom isn’t paid.
Phishing: This scheme involves crafting emails or messages (text, social media, chat) designed to trick users into downloading malicious attachments or clicking on harmful links that cause malware infections. They can also trick employees into performing actions like money transfers to fake accounts.
Remote Workforce: The shift to remote work has created new cybersecurity challenges. Employees working from various locations are more vulnerable to attacks.
Internet of Things (IoT): With over 30 billion IoT devices in use by 2023, the vulnerability to attack has expanded significantly. IoT devices can be hacked quickly, and once compromised they can serve as gateways to broader networks.
How to Combat Cybersecurity Threats
To protect your business against the evolving cybersecurity threat landscape, consider implementing the following practices:
- Multi-Factor Authentication (MFA): Enable MFA whenever possible to add an extra layer of security to your accounts.
- Anti-virus, anti-malware, and firewall software: Install and regularly update these defenses on all devices.
- Wi-Fi Security: Be cautious when using Wi-Fi networks in coffee shops, libraries, airports, hotels, etc. Ensure connections are secure and encrypted (look for the lock symbol).
- Credential Security: Do not use automatic login features that save usernames and passwords.
- Patch Management: Ensure an aggressive patch management program exists to update software and systems.
- Endpoint Protection: Deploy endpoint security solutions to enhance visibility and block potential cybersecurity threats.
- Challenge Questions: When answering security questions, don’t use the correct answer. For example, when asked the color of your first car, don’t use the word “blue;” instead use something unique like “Omaha3.”
- Penetration Testing: Regularly run tests and vulnerability scans to identify and address weaknesses.
- Data Encryption: Encrypt sensitive data on laptops and other devices, both at rest and in transit, across your networks and the internet.
- Employee Education: Awareness and training are crucial defenses against attacks, especially phishing.
Cybersecurity is an ongoing effort, and businesses must remain vigilant and proactive in safeguarding their data and systems. It's better to invest in prevention than to deal with the aftermath of a cyberattack. By staying informed about the latest cybersecurity threats and implementing robust security practices, you can help protect your business from potential financial and reputational damage.
Learn more about cybersecurity by visiting the FNBO Security Center.
About the Author
Jeff has been with First National Bank of Omaha for more than 20 years and is currently the Senior Vice President and Chief Information Security Officer. The executive leadership and oversight provided by Jeff in the development, management, and execution of information security for FNBO enables the company’s ability to posture and protect private, personal information, and assets of the company’s clients, employees, and business partners.
The articles in this blog are for informational purposes only and not intended to provide specific advice or recommendations. When making decisions about your financial situation, consult a financial professional for advice. Articles are not regularly updated, and information may become outdated.