My talk at Kaseya Connect last week was about the need to wake customers up about cybersecurity. There are far too many people who are still taking a head-in-the-sand approach about cybercrime: ignoring it and hoping it will go away. But in fact it is steadily getting worse, and end users need our help securing their networks. The top takeaways from my keynote are facts which are intended to get customers’ attention:
- US households account for over a billion entry points for malicious software.
- US businesses account for over a hundred million entry points for malicious software.
- As of April 1 of 2015, the US is in an official state of national emergency to deal with the cybercrime threat, because cybercriminals, cyberterrorists and cyberespionage have created an “extraordinary threat to national security”.
- Your privacy is only as good as your security. The FBI estimates that 1 in 5 PCs in the world is part of a botnet, which means the device is communicating directly with cybercriminals.
- We see over 325,000 instances of new malicious software (malware) dumped onto the internet every day.
- The goal of 99% of malware is to create a two-way communication between infected devices and a cybercriminal gang.
- Huge sectors of US “critical infrastructure” (CI) are within just a few degrees of separation from malicious software. CI consists of 16 different sectors which ae defined by the US government as those which “are so vital that their destruction would have a debilitating effect” on the US.
Kaseya resellers can find a link to a document for end users here, and a summary of my discussion on how to get customers to listen here. When it comes to getting people to pay attention to cybersecurity, two of the biggest problems are:
- They think the government can save us. But with the American fervor for internet connections opening up over a billion points of potential security failure, the government can’t keep malware from entering our homes and businesses.
- Malicious software is invisible, and out of sight means out of mind. But cybercrime has been slowly and surely damaging the economy over the last ten years by bankrupting companies, stealing valuable American research and technology, and extracting hundreds of millions of dollars from the US.
Real and Present Danger
There are many, many things to love about using the internet but it comes at a price: if we don’t all take more responsibility for our internet security, we aren’t just endangering ourselves but everyone we are connected to. In fact, many businesses and individual now are targeted by cybercriminals based on who they are connected to (the “supply chain problem”). It is often easier to infect a company who supplies goods to a secure facility than it is to infect the secure facility directly. Meanwhile, extremists are calling for jihad against America by attacking power plants, dams and other infrastructure.
The most important part of any cybersecurity solution is technology: top quality anti-malware, robust security patching and policy enforcement, and network-wide visibility and alerting capabilities. The second most valuable tool is end user education, with a goal to make malware more visible to Americans. As users learn what they are up against from cybercriminals, they become better equipped and more motivated to follow security policy. This two-pronged approach is the only way we can hope to successfully close a majority of malware entry points on our way to a more secure America.
This post was written by Cynthia James, Global Director of Business Development, CISSP, for Kaspersky Lab’s technology integration group. With over twenty-five years of experience in high tech and eight in cybersecurity, she works closely with software providers of solutions such as Kaseya to share information with their customers and resellers about the latest cybersecurity attacks, “lessons learned” and future expectations. She speaks often on cybersecurity topics and is the author of Stop Cybercrime from Ruining Your Life! Sixty Secrets to Keep You Safe.