Editor’s Note: Southern California cybersecurity professionals recently gathered to talk about the increase in crimes, and how business leaders and individuals can protect themselves. Check out the recap below.
The COVD-19 pandemic quickly made security a top goal for companies and organizations throughout the world, especially as attacks increased with offices transitioning employees to work-from-home environments.
COVID-19’s impact and the growing number of crimes was the focus of Cybersecurity Night, a series of panels and discussion rooms on June 15 hosted by the Fresh Brewed Tech community in Southern California. The event, which was supported by Cox Business, SDCCOE, and SD CISO Roundtable, covered topics such as ransomware, cybersecurity insurance and cybersecurity communications.
Leading the Cybersecurity Night discussion rooms were Vidya Murthy, vice president of operations at MedCrypt, Jara Tripiano, principal technical manager and division head for cybersecurity engineering at Naval Information Warfare Center Pacific, Kris Virtue, vice president of cybersecurity at Qualcomm and Brent Bowers, vice president of engineering and operations at Cox Communications.
“We’ve certainly seen a massive rise of ransomware,” said Virtue during the Mainstage panel. “I think there’s a sea change or an acceleration with security as an important asset.”
Still, Virtue said most companies lack the security they need to keep their businesses safe. On a sale of 1 through 10, Virtue gave most large companies a 6 in security preparedness, while small-to-medium-sized businesses were rated a 1 to 2 range.
So how do business leaders secure their companies?
Murthy and Tripiano both recommended “risk-based decision making.”
“A lot of these attacks you see didn’t involve rocket science,” said Tripiano, who recommended taking easy, first steps such as closing unused accounts and having challenging passwords.
“Risk-based decision-making really drives a lot of great decisions,” Murthy said. “(You need to) use the right tool for each situation.”
Panelists and other participants continued their discussion in breakout rooms with focused topics.
In a discussion with Virtue in the Ransomware program, an attendee who works with victims of ransomware attacks said the crime is on the rise. He said the crime began to increase during the COVID-19 stay-at-home order.
“We take cases of $10,000 or more because scammers don’t care if you have $100,000 or $10,000,” said the participant, who noted a recent client lost $250,000 after “meeting” a man on Facebook who she thought she loved.
Virtue said ransomware has turned into an “underground market.”
“It’s turned into kind of a factory,” Virtue said. “The amount of money they are making is astounding.”
Virtue spoke about steps internally that Qualcomm has taken to ensure attacks aren’t happening. He talked about staying updated with the latest techniques criminals are using to understand what kind of tools your company can implement to stay safe.
Three participants who wanted to learn more about breaking into the cybersecurity industry gathered together for this session. The participants shared information about the type of certifications that are needed to develop a career in the cybersecurity industry.
The recommendations of certifications included Security Plus, AWS and Cybersecurity Bootcamps. Participants also recommended establishing a career in the technology industry.
There’s a growing demand by companies to recruit talent familiar with the cybersecurity space, participants noted. But, it’s more than just about helping companies protect themselves.
“I’m more interested in making sure my information is secured, and me and my family are taking the right steps to protect ourselves,” one participant said. “(How do we) mitigate the risk and protect ourselves?”
In this discussion of cyber insurance, two participants who work in the space discussed the complexities of cyber crimes and specific stories they’ve encountered.
Erik Motsenbocker, founder of Pacific Premier Insurance Associates, said there’s been a recent uptick of crimes in the real estate industry. He spoke specifically about a client, who attempted to sell a house, but the buyer wired the money to the wrong person. The criminal, he said, clearly monitored when the transaction would take place so they could steal the funds.
“It’s a game of vulnerability,” Motsenbocker said. “They just started pointing fingers on where the breach came from.”
Morgan Justice from Coalition, Inc. recommended that small companies purchase a cybersecurity insurance policy of at least $1 million. However, because crime has increased, insurance may be a requirement for some companies who work with B2B clients.
“Microsoft’s overall goal is to be as transparent with the customer as possible — Telling them the bad news in a way so they know how to approach the situation so that they can resolve the issue,” Zhuk said. “Our goal is to make sure the customer knows what’s happening, but Microsoft is there to provide them with a hand.”
Zhuk also spoke about the demand to receive information as quickly as possible.
“Customers want speed, especially today, but there’s a strategic part with communications,” he said. “We want to make sure there’s time for an investigation. We have to think strategically on how to communicate to customers so we’re not causing another incident on their end.”
App Cloud Security
In this conversation, participants spoke about the ample amount of app cloud security tools, but the lack of usage by companies.
Kyle McNulty, manager at Focal Point Data Risks, said he felt there was a lack of security tools among companies and the challenge may be that people feel the information is daunting. Business leaders may also feel as though they’ve hit a roadblock because they don’t have anyone internally who can implement the security tools.
Christopher Rae, senior vice president at Verimatrix, spoke about the solutions his company offered and the clients they work with across an array of industries, including automotive, gaming and banking. He said their solutions are automated and are often up-and-running within a couple of days.
Download the latest info about smart email security tips thanks to our partners at Cox Business.