In today’s digital-forward landscape, it’s no surprise that business leaders are more concerned than ever about a potential data breach. In 2019 alone, the average breach of U.S. companies cost around $73,000, which, for some companies, may be the deciding factor of whether or not they can afford to stay in operation.
This concern isn’t going away–in fact, it’s only growing. Phishing attempts have grown 65% in the last year and are expected to continue to rise in 2020, especially as consumer-friendly tech-forward operations are continuing to be implemented and developed. But while technology and services continue to be fine-tuned, so are the strategies behind phishing scams.
2019 In a Nutshell
More than half of all data breaches in 2019 were not performed using malware, according to Crowdstrike. That’s an important factor to consider because malware is usually easily detectable and can be caught more quickly. What’s happening is that hackers are finding alternative and more sophisticated ways to access a company’s network using its own existing systems. This can be done by logging on with an employee’s stolen information.
As these breaches go more unnoticed, this opens the door for major issues such as losses, further damage to a network, and irreversible damage to a company’s reputation with its customers and clients. The average amount of time a hacker spent inside an organization’s network in 2019 was 95 days before being detected, up from 85 days in 2018. That’s a lot of time that one hacker can create big trouble.
The Development of Phishing
Phishing used to be detected via malware installed on a computer after someone had opened an email or a link within an email that was tainted. Now, hackers are evolving and finding their way into systems in various ways. These attacks are becoming more sophisticated.
For example, a hacker might spoof an email address of someone at a company and send out messages to the company from there. Once the employees who receive the message click on the email or a link inside it, not realizing it was fake, they’ve given away their login credentials and on down the list it goes.
Hackers are also taking strides to emulate a company’s leaders and supervisors by reading their emails to get the cadence of their messaging down. It used to be that a phishing email contained choppy language or misspelled words. Now, hackers are doing their due diligence to make their emails they send out look, sound, and feel like authentic messages. They’ll even head to an executive’s social media account to see what information they can use to personalize a message.
Combating Hackers and Phishing
It may sound like trying to nail down hackers and what they’re doing to accomplish their network infiltration attempts is a fool’s errand, but there are in fact measures that can be taken.
First, companies should be sure to lay a foundation of security around their networks and their operations. While they need to make sure they invest in the best cybersecurity enforcement available, protecting information, reputation, and assets through cyber risk services insurance is another step that needs to be taken.
Cyber risk services insurance helps to provide coverage for everything from social engineering to post-breach remediation costs to business interruption. Having this will help calm the storm of having to deal with the fallout of a phishing scam.
Next, a company should make sure all employees are properly trained and educated around phishing and data hygiene. Have procedures in place for anything that could possibly happen. Also, it helps to not be factored into the potential for risk.
An important understanding is that any company of any size and industry can be a target. Knowing that hackers are hungry for any and all information should alter a company’s mindset so that they are able to face the reality of having to be more mindful of daily tasks and network security.
About Connected Risk Solutions
At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at 678.359.6365.