The sign in the restaurant bathroom reminds all employees to “wash your hands before handling food”. Menu footnotes remind us that “undercooking meats or fish may result in food borne illness or death”. Despite these reminders, culinary training and government oversight the Center for Disease Control estimates that one in 10 people experiences a food borne illness every year, 128,000 Americans are hospitalized and 3,000 deaths are reported.
Software viruses, malware, trojans, ransomware and botnets are the pathogens of the internet, introduced by anonymous persons and spread by unsuspecting users and network administrators. Unlike food borne illnesses, modern technology can prevent most internet pathogens from ever taking hold in their organization, but more on that later.
Safeguarding data requires a multi-pronged approach that focuses on policies, technology, people and prevention. End user training and internet safety education should follow industry best practices and support board level policies enacted in conjunction with IT administrators and key stakeholders. Tools, assessments and newsletters from organizations such as the Multi-State Information Sharing and Analysis Center MS-ISAC®, https://www.cisecurity.org/ms-isac/ are helpful to municipalities that may not employ security specialists or experienced network engineers. A recent study revealed that IT managers cannot identify 45 percent of their organization’s network traffic. Without the ability to identify what’s running on the network, IT managers are blind to ransomware, unknown malware, data breaches and other advanced threats, as well as potentially malicious applications and rogue users.
One of the key challenges facing our K-12 schools and municipalities is a growing IT skills gap, especially, cyber skills. According to a recent Global Information Security Workforce Study, the cybersecurity workforce gap is expected to reach 1.5 million by 2020, with 66% of the respondents across all industry categories, report not having enough workers to address current and future cyber threats. The cost of data breaches is also growing. IBM and the Ponemon Institute estimate that the average cost of a data breach in 2018 is $3.86 million.
Training, security policies and network infrastructure isn’t enough to protect our schools, town halls, and public-sector agencies from becoming ransomware victims or worse. Mistakes by end users, such as opening an untrusted attachment or browsing an infected website remain a hacker’s easiest undetected entry into internal networks and valuable personal information.
PREVENTION IS BEST
Next generation firewalls and endpoint protection identify network traffic by application, block known and zero-day threats, preventing malware from spreading across the organization or reaching outside of the network to malicious actors. Prevention and the right anti-ransomware strategy can mitigate the effects of end user mistakes, an understaffed IT workforce or a legacy infrastructure that is ill equipped to prevent todays cyber-attacks.
For Further Information about Next Generation Security contact: