We live in a connected world, and as the lines between work, home and travel blur, being always connected can expose your company’s intellectual assets to risk. As incidents of competitive intelligence and corporate espionage are becoming more prevalent, it’s a good time to heed the advice offered during Cyber Security Awareness Month. Here are four behaviors – let’s call them cybersecurity disconnects – that may open the door to significant data loss.
Trust
Busy people rely on and trust the tools that make it possible to work on the go. But some of those conveniences reduce security defenses. Plus, inattention to surroundings can reveal confidential information.
- While convenient and tempting, Public Wi-Fi is rife with risk and vulnerable to data exposure. While surfing online, personally identifiable information and payment card information may be visible to the opportune criminal sniffing your web session or cloning your accounts
- Removable media devices such as USB sticks offer quick and easy storage and transfer of data, but have long been the delivery mechanism of catastrophic malware
- Working in public places like the executive lounge, taxis, or up in business class can expose confidential details through an overheard conversation, curious shoulder surfer, or lost or stolen laptop
Unawareness
Sure, you know that cybercrime is in the news almost daily. But did you know that credentialed insiders present one of the most underreported yet biggest threats to corporate data?
Companies can protect sensitive data through effective policy and procedure development as well as providing routine training and awareness on:
- Social engineering tactics such as spear phishing and pretext phone calls
- Dangers of removable media and the importance of policies limiting their use
- Data compartmentalization and classification
- Personal factors and behavioral indicators that some Insider Threat for Intellectual Property Theft exhibit
Disregard
The IT department handles cybersecurity so it’s taken care of, right? Nope. Security-conscious organizations understand how threats to data security can originate from multiple sources and directions. Are you aware of enterprise weak spots, the sensitive digital assets your organization possesses, and the potential motivations of those attackers targeting it? Possibilities can include:
- A state-sponsored hacker group with a political bent looking for retribution
- A software engineer, passed up for promotion, who is enticed to sell your intellectual property to a competitor
- An employee of your maintenance contractor falling victim to a theft of his credentials to an adversary, causing a foothold on your network to be established and the exfiltration of customer payment card data from your network
Poor Planning
People who travel for business, especially to countries known for state-sponsored IP theft, should take extra precautions to avoid becoming a victim.
- Always bring a dedicated travel laptop and ensure the data you bring is just the minimum amount needed for the successful outcome of your trip
- Politely decline unsolicited upgrades for hotel rooms
- Keep laptop and other devices with you at all times, even when you’re in the gym, at dinner, or taking in some tourist attractions
Visit the Secure Halo blog often to learn more about staying protected in an always-connected world.
