Every few minutes a business in America deals with some type of cybersecurity threat. And the war in Ukraine is prompting new warnings.
“Most of the software out there doesn’t recognize borders. It doesn’t know this is a Ukrainian target or Russian target. To them it’s just another computer on the internet,” said David Sun, a principal at CLA.
Sun, who deals with cybersecurity, says he receives calls every day from businesses that have been the victim of a cybersecurity attack.
“They need to understand that it doesn't matter how large or small you are, you’re going to be a target. I do get companies who feel they’re too small to have to worry about this stuff,” Sun said.
Nine months ago, Connecticut passed a cybersecurity law that identified eight security standards for businesses to follow. If they follow at least one, they’ll be protected from punitive damages if personal information is accessed during a breach. The problem is not a lot of companies know about it.
“The world of cybersecurity is very complex, very scary if you’re not living in it,” said Tim Weber, of ADNET Technologies in Rocky Hill.
Weber helps companies improve their cyber security.
“Security is not a one and done. Security is something that has to be constantly reviewed, constantly checked on. Because everybody's system whether they realize it or not are changing on a regular basis,” Weber said.
Weber says the protection offered by Connecticut's law is good because the cost of a cybersecurity event is not cheap.
The cost of a cybersecurity event is not cheap either.
“When you see an organization that has a cybersecurity event, you know six figures, seven figures,” Weber said.
What can companies do to protect themselves?
“Implementing a good password policy, using strong passwords, implementing something called multi-factor authentication, which is where you get a text message with a code. You see banks doing that,” Sun said.
But cybersecurity is more than buying a new software system.
“Cybersecurity is more than a checklist of things. It’s more than a piece of software or a tool that you buy. It really is a holistic view of the organization and how they operate,” Sun said.