With the recent Equifax data breech, many businesses are wondering how much they are at risk. Unfortunately, the number of attacks is growing.
On Thursday, Jay Ryerse, CEO of CARVIR INFOSEC, a local company dealing with cyber security, gave some helpful information on protecting personal information and client information from hacks at a Lunch and Learn event hosted by the Cumming-Forsyth County Chamber of Commerce.
“Whoever owns the data, you have the ultimate responsibility,” he said. “That’s why the top brass at Equifax have all resigned because they know it was on them; it was there responsibility to ultimately put in policies and put systems in place to protect that data and they didn’t do it.”
Though he was speaking with healthcare officials at the meeting, Ryerse said nine sheriff’s departments, along with banks, county governments and private businesses had been targeted this year.
Ryerse said it was important for businesses to be proactive about the attacks rather than reactive, using a hacked healthcare provider in Athens as an example.
“They were worried after the fact about their patients’ information being hacked,” he said. “I think you’re better off talking about it today before it happens and how are you going to handle it in your business, what’s that going to look like if it happens and what is your plan to actually tackle that when it comes out.”
He said some consider hacking to be a problem in other countries, but that the United States is the biggest target.
“They’re going after the U.S.,” said Ryerse. “It’s happening here more than anywhere else because, again, the bad guys are going where the money is. Europol came out and said it is the number one threat to the European Union.”
Attacks, such as ransomware, which can be installed through downloading the contents of fraudulent email and lock the users’ content until a fee is paid, are on the rise.
“Cyberattacks keep growing,” he said. “In 2016, the number of them quadrupled over 2015. This year they expected it to be double last year’s, but they hit 250 percent [more] by May. That’s how fast these things are happening and we don’t hear about them.”
Ryerse said the attacks seem less common since businesses are less likely to freely share that they were hacked due to embarrassment, negative reactions from the public and potential legal issues.
To minimize concerns, Ryerse recommended businesses have a security assessment done, change passwords regularly, have a firewall set up, back up information and other safety precautions.