web analytics
Home | Columnists | Accounting | Accounting - Creating cyber warriors from employees

Accounting - Creating cyber warriors from employees

image Lee Ann Collins, Managing Partner, Lane Gorman Trubitt, LLC Dallas, TX

DALLAS/FT WORTH - I recently sat down with our IT professionals to have a discussion about what types of cyberattacks are out there and how we can protect the company we love. This lead to me staying up late that night reliving the numerous ways that a malicious attack could impact a business. I am the leader of a company that supports many families, not only our employees and their families, but also our clients and their employees. Being well-informed is the first step to a stronger cyber defense.

    Unfortunately, cyberattacks are not so obvious. They can often happen quietly in the background, and you won’t know it’s a problem until your information is breached and available to the public. Also, many companies don’t understand how important it is to be vigilant until it’s too late. Below are statistics, compiled by Varonis, about cyberattacks and its impact on businesses, individuals, and our nation.

•    In 2017, 147.9 million consumers were affected by the Equifax Breach. The total population of the United States is currently 329.09 million adult consumers.
•    In 2017, cybercrime costs accelerated with organizations spending nearly 23 percent more than 2016—on average about $11.7 million.
•    The financial services industry will spend, on average, $18.3 million to resolve a cybercrime. The loss of data represents 43% of total costs.
•    Ransomware attacks are growing more than 350% every year Ransomware damage costs will rise to $11.5 billion in 2019, and a business will fall victim to a ransomware 
     attack every 14 seconds.
•    The United States and the Middle East spend the most on post-data breach response. Costs in the U.S. were $1.56 million and $1.43 million in the Middle East.
•    21% of all files are NOT protected in any way.
     (https://www.varonis.com/blog/cybersecurity-statistics/)
All of these are terrifying, and they don’t just affect large corporations. According to Smallbiztrends.com:
•    43% of cyber-attacks target small businesses
•    60% of companies will go out of business following a cyber-attack
•    Most cyber-attacks are the result of a negligent employee or contractor
(https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html)

How can your business be attacked?

    The goal of every cyberattack is to gain access to your system. It can be malicious like we saw with the 2016 Mirai Botnet, which attacked the service provider Dyn and ultimately shut down a large section of the internet including Netflix, Twitter, and CNN.
    In May, the City of Baltimore was one of several municipalities that were attacked by ransomware this year. Hackers demanded that the city pay almost $80,000 in bitcoin to release the city’s servers that control everything from email to billing. This attack prevented city employees from accessing the system for more than a month and the city was unable to distribute the June utility bills. Just to recover from this attack the city had to set aside $10 million in emergency funding.
    Remotely accessing internet-connected devices is not the only way your network is at risk. Physical in-person attacks can be just as harmful. In fact, an unattended workstation with a USB port is a prime opportunity for malware and keystroke logging to be introduced to the network.
    Once they are connected to your network, malicious individuals can bombard your servers with information causing them to shut down, called a denial-of-service attack. Your network can also be held captive by ransomware that sections off access to data until an undetermined amount of money is paid to the “bad guy”. Unfortunately, there is no assurance that once the ransom is settled that the information will be restored.

How do you prevent it?

    Turn your employees into cyber-warriors for the company. Train them on how to identify threats within emails and websites. Explain proper password procedures, and institute a multi-factor authentication process when vital information is being accessed.
    Protect your physical assets by creating a visual database that is regularly maintained so that employees are easily identified. A visual database can be anything from photo ID badges to a seating chart with headshots on your local intranet.
The best defenders for your company are the people that work for it, but former employees who left on bad terms can become also malicious agents. When an employee is terminated or leaves the company for another opportunity, protect your information by immediately removing access to any system and changing their passwords.
    I know that your company is as important to you as Lane Gorman Trubitt is to me. Empowering your employees with training and tools to defend the company they work for is the best line of protection.
    To better safeguard your business, it is always good practice to contact your local security firm. If you require any additional cyber security information or resources, you can always check out the International Association of Privacy Professionals (IAPP) website.

About Lee Ann:
    A long-time authority in the construction industry with more than three decades of experience in public accounting, Lee Ann Collins is the managing partner at Lane Gorman Trubitt, LLC. During her tenure with the firm, she has collaborated with clients of all sizes consulting on business planning and taxation strategies, financial analysis, and the preparation of compiled, reviewed, and audited financial statements. Lee Ann often serves on boards of industry organizations working toward effective solutions for members, and she is a frequent speaker on financial reporting and taxation matters within the accounting community.


Need a Reprint?


   
Author Info

CN Contributor info@constructionnews.net