Welcome to our second in a series of Internet security articles. In this article, we discuss the impacts of cybercrime and Internet security best practices from the perspective of Dave Truitt, CEO of Discover Technologies.
The Tasker Blog: As CEO of a growing technology company, what is your greatest fear regarding the recent rise in cybercrime? In other words, what scenario keeps you up at night more than any other? Why?
DTruitt: As a growing small business that has gone entirely to secure cloud providers for our network infrastructure, I feel we are in good shape regarding our risk from an infrastructure perspective. However, email opens the door for cybercriminals to gain access using sophisticated phishing attacks. Once an employee makes a mistake and clicks on a malicious link or provides their password, the cybercriminals now have access to the network and can gain valuable information that can be used to attack in multiple ways.
We experienced a phishing attack where one of our employees provided their password information and cybercriminals were able to gain access to our network and our email. They used this access to spoof/reproduce a vendor’s website and contact information. We were lucky and quickly noticed the breach and were able to prevent any harm or financial loss.
In response to this, our company underwent a forensic cyber analysis to discover where breaches had occurred and what information had been accessed. We followed this up with mandatory training for all employees, followed by ongoing exercises to ensure everyone could assist with defending our company by being able to recognize cyber-criminal initiatives.
So, email is what keeps me up at night. It is difficult to fight against email attacks as cybercriminals are getting more and more sophisticated with their capability to trick employees.
The Tasker Blog: That’s great that the company was able to prevent financial loss. Unfortunately, not every company is that fortunate. Have you heard of similar experiences from your friends/peers at other companies?
DTruitt: Yes, I personally know of several companies that have had their networks and data locked up and ransomed. Unfortunately, there are only a few ways to handle this scenario and most companies have no choice but to negotiate a settlement with the cybercriminals. Once your network is compromised and you have no access to your data, a company must simply do what is necessary to get back up and running. Having said that, it should give every company the determination to take proactive measures to ensure they never face an attack that has the potential to severely impact its future.
The Tasker Blog: As you mentioned earlier, moving to a cloud-based infrastructure helps companies of all sizes leverage state-of-the-art security from national/global providers. However, even after making this move, email remains a security risk. With that in mind, how has the COVID-19 pandemic further impacted the threat of cybercrime?
DTruitt: With employees working virtually during the pandemic, many companies were not prepared to secure employees who were no longer logging in from machines physically located at the office. The work-from-home scenario has added much more complexity to securing company assets. Individual home networks are easy targets for cybercriminals. There was limited time for employees to be trained and systems to be upgraded to accommodate working from home. I believe that a large percentage of the workforce will remain at home, even after the pandemic is over. Many employees will return to the office, but many others will not go back on a full-time basis. This will force employers everywhere to have a comprehensive solution, regardless of where employees reside.
The Tasker Blog: What special IT security considerations should we be aware of with the shift to a growing and permanent remote workforce?
DTruitt: There are many factors that companies must consider. Limiting what software can be loaded on a device is very important. Keeping anti-virus software consistent and up to date for all employees is paramount. Additionally, moving to two-factor authentication and employee training may be the most critical components to address. Regardless of the technology that you implement to help address this issue, employees must do their part to keep the company safe from attack.
The Tasker Blog: Compared to large organizations (with potentially larger IT budgets), how should small and mid-sized businesses approach cybersecurity?
DTruitt: I do not see much of a difference between the approach for small to mid-size vs. large businesses. All companies really need to deal with these threats, so all must be dedicating the appropriate percentage of budget and time to ensure that their business is not in jeopardy.
Companies that are integral in supply chains and delivering in situations where any interruption will cause catastrophic damage to their customers and their bottom line (see the Colonial Pipeline hack) are especially at risk. Any interruption needs to be dealt with very quickly to ensure the business survives. This leaves these types of organizations especially vulnerable and as such, they are the biggest targets of cybercriminals.
The Tasker Blog: Do you see the future of cybersecurity as being more focused on technology or more on humans/culture?
DTruitt: As technology develops, it will get better over time in enhancing cybersecurity, however, cybercriminals will continue to get more sophisticated as well. It will need to be a combination of humans/culture/training and better technology to keep companies as safe as possible.
The Tasker Blog: In your opinion, how are CEOs uniquely positioned to reduce the impact of internet security threats?
DTruitt: CEOs set the tone for the rest of the organization. If the CEO is not taking these threats seriously, the rest of the organization will follow suit. He/she will set the example as well as provide the resources and the budget to ensure a secure environment and reduce the risk for all employees.
The Tasker Blog: Switching gears over to software providers… How critical is it for software product companies to build security into their products?
DTruitt: Critically important. If a software product is seen to increase security risks, it cannot hope to grow market share in today’s environment. Whether is it Business to Business or Business to Customer, every software company needs to be able to explain very clearly where they fit in the overall security risk profile and why their products will only enhance and not detract from overall security.
The Tasker Blog: With that in mind, what approach does Discover Technologies take towards building security into the Tasker Suite and other products offered by the company?
DTruitt: Starting with the point that apps are more difficult to hack than email, our approach is to build on top of platforms, such as ServiceNow, that are leading the industry in security. Our data is stored in the platform and backed up regularly. Also, any links within the data that are outside of the app domain are automatically trapped as potential risks.
Regarding ServiceNow and our Federal clients specifically, we are part of ServiceNow’s FedRAMP cloud. As part of this program, ServiceNow certifies our codebase to verify that new software releases do not introduce security issues.
Stay tuned for the next article in our series, where we will discuss Internet security considerations with our security roundtable.