Cambridge Chamber of Commerce

In this digital landscape, businesses are increasingly reliant on web-based platforms for their operations, communication, and customer interactions.

 

While this technological shift has brought convenience and efficiency, it has also opened the floodgates to a myriad of cyber threats – many no longer just centred on email-based breaches. 

 

As the digital realm expands, the need for robust web-based security becomes paramount for businesses of all sizes due to the escalating frequency and sophistication of cyberattacks.

 

Hackers are becoming more adept at exploiting vulnerabilities, often targeting sensitive data such as customer information, financial records, and intellectual property. The consequences of a successful cyberattack can be devastating, ranging from financial losses and reputational damage to legal repercussions.

 

These security breaches can erode customer trust and a single security incident can shatter the perception of a business as a reliable custodian of sensitive information, leading to a loss of clientele and tarnished brand image.

 

To address these challenges, businesses need to invest in cutting-edge web security solutions. These include regularly updating software and systems, implementing multi-factor authentication, encrypting sensitive data, and conducting regular security audits. Collaborating with cybersecurity experts and staying abreast of the latest threats intelligence is equally crucial in maintaining a proactive defence against emerging cyber hazards.

 

 

We asked John Svazic, Founder and Principal Consultant of EliteSec Information Security Consultants Inc. in Cambridge to share his thoughts on what businesses can do to ensure they are prepared for potential web-based security threats:

 

 

Q. When did more browser-based cyber threats begin to surface as opposed to spam emails?

 

A. This is a hard question to answer, but these types of attacks aren't new and have been around for a while, likely since the early 2000s at least, but not in any volume.  Most cyber-criminal attacks are based on opportunity and ease, so the rise can generally be attributed to companies adding more sophistication to their websites, especially as they try to go online.  

 

Q.  What brought on this apparent shift?

 

A. Opportunity is the biggest reason here.  With the rush to go online, which the pandemic only exacerbated, some companies may be taking shortcuts to get online by going with free/low- cost options to maintain margins.  While I can sympathize with this point, losing most of your margins to fraud may be reason to re-evaluate.

 

Q. Are there warning signs business owners should watch for indicating they might be susceptible to an attack?

 

AUnfortunately, not. The best way to prevent this is to go look for vulnerabilities yourself or get someone who is skilled to go looking for you.  Having said that there are a few things that can be done on your own to better protect yourself, including:

 

  • Making sure all your software is up to date. This is especially important if you are using a Wordpress site to host your online presence. Making sure any plug-ins or add-ons that you are using are up to date is important.
  • Protect your online social media with two-factor authentication (2FA). Yes, this can be annoying, but it is a proven way to protect your accounts. Nothing is more painful than trying to get your Facebook or Instagram account back from a hacker, and many companies either pay up or are forced to create new accounts.
  • Never re-use passwords!  Getting a password manager is incredibly useful to prevent this and provides a great way to help share accounts between employees if necessary. Most can help store your 2FA code as well, so you don't need to share a single phone between individuals.
  • Hire a security professional to do a vulnerability assessment or penetration test of your web presence. Be sure that they are qualified by asking for references and samples of their work.  This is the costliest option but one worth considering if you want to be sure.

 

Q. What is one of the first steps they should take in terms of boosting their security?

 

A. Make sure that whatever you're using is fully patched. If this is offloaded to a hosting company or some other third-party provider, ask them what their patch cycle is. How frequently do they update, and do they do any third-party testing of their own infrastructure?  If a company is doing online sales, using a trusted partner like Shopify, Squarespace, etc., is a great way to check these boxes as these are reputable firms that take security seriously, which helps to offload the risk to someone else, albeit at a cost. 

 

Q. Are smaller businesses more susceptible to potential attacks than larger ones?

 

A. Sadly yes. While news headlines often focus on bigger named companies getting hacked and having to pay ransoms, the reality is that hundreds of smaller companies are getting hacked each day and not making headlines because they're just not big enough to report on, or they're too scared to report the attacks themselves out of fear of losing customers/reputation. Smaller companies often lack the resources or money to seek out help, so it can be a real catch-22.

 

Q.  If an attack has occurred, what should be the first step a business owner should take?

 

A. First check your business insurance to see if you have cyber insurance. Often, these policies will dictate who to call and what to do. Many brokers will recommend this type of insurance if you have an online presence, so it never hurts to start there. As most of these attackers are coming from outside the country, law enforcement won't necessarily be able to help, but report a cybercrime.  Start with the Canadian Centre for Cyber Security and report the incident. I would then recommend reaching out to a cybersecurity professional that specializes in incident response to help rectify the situation. Again, if you have a cyber insurance policy, this should be covered by insurance.

 

Q. Is it possible to become too paranoid regarding cyberattacks?

 

A. Absolutely. But it's best to always put things into perspective before things become too overwhelming. If you take some basic precautions, you can put most of these concerns aside.  It's always about perspective and the realization that raising the bar on cybersecurity isn't hard, and even small changes can deter potential attackers. Most cyber criminals are lazy, so they won't put in a lot of effort for minimal rewards. But if they can pull of a hack because it's easy, then they're willing to put in the effort for a few hundred to a few thousand dollars of potential payoff.

 

add a comment
Subscribe to this Blog Like on Facebook Tweet this! Share on LinkedIn

Contributors

Blog Contributor Portrait
Brian Rodnick
218
November 1, 2024
show Brian 's posts
Blog Contributor Portrait
Greg Durocher
41
July 28, 2023
show Greg's posts
Blog Contributor Portrait
Canadian Chamber of Commerce
24
January 29, 2021
show Canadian Chamber's posts
Blog Contributor Portrait
Cambridge Chamber
2
March 27, 2020
show Cambridge 's posts

Latest Posts

Show All Recent Posts

Archive

Tags

Everything Manufacturing Cambridge Events Spectrum New Members Taxes Region of Waterloo The Chamber Property Taxes Government Waste Cambridge Chamber of Commerce Networking Success Di Pietro Ontario Chamber of Commerce Greg Durocher Scott Bridger Food Blog Canada Ontario Cambridge Memorial Hospital Business After Hours Discounts Member Benefits Affinity Program Web Development Visa, MasterCard, Debit Big Bold Ideas Politics Elections Municipal Provincial NDP Liberals PC Vote Majority Christmas Homeless Leadership Oil Sands Environment Rail Pipelines Keystone Canadian Oil Canadian Chamber of Commerce Small Business Next Generation Cyber Security Millennials Energy Trump Washington Polls US Congress Bresiteers Trade NAFTA Europe Economy Growth Export Minimum Wage 15 dollars Bill 148 Cost Burdens Loss of Jobs Investing Finance Canada Capital Gains Exemption Tax Proposal MIddle Class Member of Parliment Unfair Changes Small Business Tax Fairness COVID-19 Mental Health Self-isolation Social Distancing Ways to Wellbeing Education Conestoga College Online Training Business Owners Personal Growth Communicate Young Professionals Workplace Communication Stress Emotionally and Physically Animals Pets Lockdown CEWS Employee Relief Employee Benefit Cambridge 50th Anniversary Celebrating Cambridge ToBigToIgnore Small Business Week Support Local Buy Local Business Support Waterloo Kitchener YouGottaShopHereWR Responsibility Culture Workplace Antiracist Inclusion Diversity Racism Federal Election Services Autonmy Professional Salary Wages CERB Workers Jobs Guidelines Health and Safety Etiquette Fun Inperson Members Golf Tournament GolfClassic Business Business Trends Home and Garden Garden Pools Home Improvements Backyarding Renos Summer Airlines Business Travel Bad Reviews Reviews Consumers Competition Bureau Dining Out Expert Advice Outdoors Economicrecovery BBQ Vaccines Community vaccinations Conferences Virtual Visitors Sportsandrecreation Spinoff Screening Kits Tourism Trends Productivity Engagement Remote working EmploymentStandardsAct Employees Employers Policies Employment Contracts Legal Public Health Virtual Ceremonies SMEs Health Canada Prevention Rapid Screening Health Entrepreneurs Building social networks Storytelling Video The She-Covery Project Child Care Workplaces Contact Tracing Time Management Pre-Budget Modernization Canada Emergency Rent Subsidy (CERS) Budget Ontario’s Action Plan: Protect, Support, Recover Federal Government Hotels and Restaurants Alcohol Tax Freezethealcoholtax Canadian Destinations Travel Grow your business Sales and Marketing Digital Restructure Financing Structural Regulatory Alignment Technological Hardware Digital Modernization RAP (Recovery Activiation Program) Support business strong economy Shop Cambridge Shop Local #CanadaUnited Domestic Abuse Family Funerals Weddings Counselling Anxiety Pandemic Getting Back to Work UV disinfection systems Disinfection Systems