The popular press naturally focuses on adverse news about cybersecurity. For example, we all saw coverage of the massive 2017 Equifax data breach that potentially compromised millions of Americans’ information. The good news is that private businesses and other organizations are taking notice of this news. As a result, they’re implementing good cybersecurity practices to protect their own networks and the data and information stored there. At least five positive trends have sprung from adverse cyberattack news.
- Private businesses are using better security on their Wi-Fi networks.
Changing the default password that comes with a Wi-Fi router is a start. But increasingly, private businesses are using Wi-Fi protected access 2 (WPA2) to restrict access to their wireless networks. Recent news about the KRACK flaw in WPA2 has pushed private businesses to add even greater security to their wireless networks. Some even prevent the network router from broadcasting the network’s name, thus making it less discoverable to hackers.
- Companies have adopted multi factor authentication for logins to their networks.
Two-factor or multi-factor authentication (2FA or TFA) requires a network user first to enter a password for a network login. It then asks the user to enter a second piece of information that was sent separately, typically with encryption. A network user with genuine credentials is theoretically the only person who will have that second piece of login information. This extra step prevents a hacker from logging in to a network with only a user ID and a password. While hackers can easily steal these credentials in a data breach, the second piece of authentication is a little trickier.
- Businesses are relying on virtual private networks (VPNs) to encrypt data into and out of their networks.
VPNs segregate all information sent between a network and any remote device from the rest of the internet. VPNs encapsulate transmitted information with data packet tunneling technology that limits who can see and interpret that information. A hacker that sniffs the encapsulated data out of the network will theoretically see only a string of encrypted gibberish. It’s easy to see how this tool can be useful for organizations with remote employees and more.
- Cybersecurity insurance for private businesses is helping them to prevent data breach fallout.
The management of cybersecurity risks is moving out of the information technology department and into the corporate executive suite. As cybersecurity becomes more of a global corporate concern, it gains visibility. Leaders are seeking cybersecurity insurers for guidance on how to protect their organizations against data breach. This includes educating employees and protecting their customers and clients. Mitigating cybersecurity risks nowadays entails a multi-pronged approach. There’s prevention, which insurers can help with by providing advice and helping to identify weak spots in organizations’ defenses. Then there’s insurance, which helps manage the financial and reputational aftermath.
- Password managers are effective substitutes for policies that require frequent password changes.
Private business employees generally do not want to remember long and complex passwords. And they do not like to change passwords even though employers might require network login credentials to be updated frequently. Password managers manage this task for them, as the name implies. A good password manager will require a network user to remember only the password needed to enter it. The manager then generates, retrieves, and tracks different passwords for multiple logins in a secure environment shielded from cyber attackers. Most password managers can be set to change passwords frequently to further throw hackers off their game.
If your organization is keeping up with these trends, you’re actively reducing the chances you’ll fall victim to a cyberattack. If not, there’s no better time to start than the present.