6 Trending Cybersecurity Issues

Topics: Cyber Liability

Summary: No organization, no matter the size, is immune from a cyber attack. Learn the six trending cybersecurity issues that could wreak havoc on a business and, and find out how to prevent them.

Six Cybersecurity Risks to Businesses

Every employer faces the reality that they could be the target of cybersecurity attacks or data breaches, which can jeopardize their credibility and cost thousands of dollars (or more) in damages. By following simple preventative steps, business owners can protect their organizations from cyber attack risks. Below are six cybersecurity risks that can wreak havoc on a business and how a business can train their employees to be diligent for cyber attack red flags.

6 Trending Cybersecurity Risks

Watch Out for These Cybersecurity Risks

Cybersecurity Risk #1: Deepfakes

Deepfakes, developed from artificial intelligence technology, can take an image of one person and replace it with another person’s likeness. According to DeepTrace Labs, last year, there were nearly 15,000 deepfake videos online. As the technology is easier to use, more people are making these types of videos, and their impact could be felt across the business, political and media worlds.

Tips to Prevent Deepfakes
  • Watch out for deepfake videos spreading fake news.
  • Don’t add to the problem. Check for authenticity before you share videos. 
  • Beware of fraudsters using deepfake videos in social engineering schemes.

Cybersecurity Risk #2: Ransomware Attacks

A McAfee Labs report found that in 2019 new ransomware attacks grew 118% as cyber criminals continue to adapt and use new tactics and code innovations. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money (or ransom) is paid, or some other action is completed. Sometimes, a ransomware attack is as simple as forcing the user to complete a survey. The most common types are lock screen and encryption ransomware. The lock screen shows a full-screen message that prevents the user from accessing their PC or files. Encryption modifies files so they can't be opened.

Tips to Prevent Ransomware
  • Use secure networks, strong passwords and up-to-date systems
  • Learn how to identify and avoid malicious links
  • Maintain secure backups of essential files

Cybersecurity Risk #3: Smart Home Devices

The Internet of Things (IoT) technology has allowed us to connect to our cars, homes and multiple devices like never before. IoT devices continue to be developed with even more connectivity. Gartner predicts that there will be 25 billion connected things by 2021, which produce tons of data needing protection from cyberattacks.

Prevent Cyber Attacks Via Smart Devices
  • Don’t use the factory settings. Pick a strong password and check privacy settings and permissions.
  • Check smart devices for security problems and updates regularly.
  • Consider setting up a separate network for smart devices.

Cybersecurity Risk #4: Data Privacy

Data privacy is a consumer’s understanding of their rights as to how their personal information is collected, used, stored and shared. The use of personal data must be explained to consumers simply and transparently, and in most cases, consumers must give their consent before their personal information is provided. As big data grows, privacy concerns are also increasing. The possibility of data breaches can put your business’s sensitive information in the hands of identity thieves.

The protection of data privacy has come to the forefront with the launch of the General Data Protection Regulation (GDPR) by the European Union in 2018. The GDPR applies to all data directly or indirectly related to an identifiable person in the EU that is processed by an individual, company or organization.

Any small business which processes the personal data of people within the EU is subject to the GDPR, no matter where in the world the business is based. Currently, there is no U.S. federal standard for data privacy protection, but many states have their own data privacy laws. California has passed the California Consumer Privacy Act (CCPA), a wide-reaching privacy law that went into effect in 2020 and New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD) went into effect on March 21, 2020.

Be Prepared for Data Privacy Laws
  • Determine if these laws affect your business
  • Review and update data security and data breach notification procedures
  • Update your site’s privacy policy and terms of use.
  • Create opt-out, know and delete methodologies for email notifications
  •  Respond to data removal requests promptly and document your actions
  • Consult with legal counsel to understand how these laws could apply to your circumstances

Cybersecurity Risk #5: Spear Phishing

Phishing is a type of social engineering scam that attempts to fraudulently obtain sensitive information using email. The email appears to come from someone that you know or have done business with. However, the message might include poor grammar, syntax errors, broken links, and the email address might be slightly different from the familiar one. The email could be written with a sense of urgency, demanding an immediate response. According to Cofence, 91% of cyberattacks start with spear phishing, a type of scam that targeted directly at a particular person in an organization.

Know the Signs of Spear Fishing
  • Train your team to not click on links unless they are positive that they trust the source
  • Watch out for messages that appear to be from people you know but are actually spoofed
  • Use anti-virus software, two-factor authentication and other security measures

Cybersecurity Risk #6: Human Mistakes that Lead to Data Breaches

In the past few years, there has been a rash of well-known cyber attacks on businesses, including British Airways, Marriot Starwood, Citrix. Cybercrime Magazine states that cyber attacks are the fasting growing crime in the U.S. with an estimated worldwide cost of $6 trillion annually by 2021.

The 2018 Verizon Data Breach Investigations Report found that human mistakes caused 21% of data breaches.

Proactively Protect Your Business from Cyber Attacks
  • Create a cybersecurity policy that supports your data protection strategy
  • Train your employees on how to avoid phishing and other cyberattacks
  • Make sure remote workers are using strong cybersecurity protocol
  • Change passwords after employees leave

cyber insurance banner

Cyber Insurance From AmTrust Financial

With threats of cyberattacks growing, companies need protection from data breaches. All organization should offer data security training and create a company-wide data breach policy with a response plan ready to implement when/if it is needed.

A cyber insurance policy from AmTrust provides additional security to safeguard your company against loss and damage due to a cyberattack. Contact us today to find out how you can benefit from a cyber liability policy, and how to protect your organization from cybersecurity attacks and other data breach threats.

This material is for informational purposes only and is not legal or business advice. Neither AmTrust Financial Services, Inc. nor any of its subsidiaries or affiliates represents or warrants that the information contained herein is appropriate or suitable for any specific business or legal purpose. Readers seeking resolution of specific questions should consult their business and/or legal advisors. Coverages may vary by location. Contact your local RSM for more information.

Time Zones