You may also be interested in:

Articles

Cyberattacks: The Latest Stage in Crime’s Evolution

  • By Andrew Deichler
  • Published: 6/4/2015
The recent surge in cyberattacks is not merely a spike in a particular method of crime. What we are currently witnessing is the evolution of crime itself, and treasury and finance professionals need to be ready for it.

“The most sophisticated, hostile, criminal syndicates are giving up traditional crime,” said Brad Deflin, president and co-founder of Total Digital Security, during last week’s CTC Corporate Treasurers Forum in Chicago. “Why wouldn’t they? It’s far and away more profitable. You don’t get killed. You don’t use weapons. You can do it from anywhere. You’re anonymous. The penalties aren’t what they are if you take a gun and rob a bank.”

And often when cybercriminals do get caught, there’s an upside. Law enforcement has been known to bring hackers on board to help them with future cases. “So there’s an enormous incentive,” Deflin said. “So in the next 12-60 months, this is going to be the Wild West. We’re going to see stuff we never thought we’d see.”

Given the ever-increasing risk, Deflin provided some best practices for mitigating cyberthreats. “You will not eliminate all of the risks, but you will mitigate them substantially,” he said.

Protect your personal devices. More and more, companies are allowing their employees to connect their personal mobile phones, laptops, notebooks, etc. to their networks. These devices need to have the best protection then, because if they aren’t, they become a convenient gateway for a hacker. “The devices need to be protected—even home computers,” Deflin said. “That’s antivirus, that’s intruder protection, that’s data loss protection. This is easily solved, but in a proactive way—not where all the work is being done on the device—but where there’s an IT secured center in the cloud.” Cloud-based security centers allow businesses to avoid the expenses of installing systems.

Use a virtual private network (VPN). A VPN allows users to virtually go “invisible” on the internet, Deflin noted. It used to cost businesses hundreds of thousands of dollars to set up VPNs, because they would have to set up their own servers, IT, etc. “Now, it’s $5 a month,” he said. “And they work now. The service has multiple IP addresses; they float, and you can direct them. If anyone looks at my IP and I don’t want them to know I’m in the U.S., they’re going to think I’m in Finland. It’s very thin client software on the device, with the heavy lifting being done in the cloud.”

Secure your email systems. Deflin stressed that email is the backdoor to every system. “Every email has an IP and metadata,” he said. “The U.S. government says that if you follow somebody’s metadata on their email, you have put them under surveillance. That is how much information is in this public envelope within email. You can design email systems that strip that, so your emails are just white noise over the internet. Nobody cares what they see; there’s no value there. It’s not hard to do, and it’s not expensive.”

Encrypt your data. “Nobody wants to put in encryption keys, double authentication and things that require user behavioral modifications,” Deflin said. “But there are now solutions that do not require that. It feels like the cloud; you have applications on all of your mobile devices. But it is end-to-end encryption, no data on clouds, and it’s as bulletproof as these things get today.”


Negotiation Skills for Treasury and Finance Professionals
On December 6 & 13, learn to negotiate more effectively, following an interest-based negotiation model. Master the three most important phases of any negotiation: exploring the context, expanding the constraints, and dividing the expanded resources appropriately.
Learn More

Copyright © 2018 Association for Financial Professionals, Inc.
All rights reserved.