| | DECEMBER 20198CIOReviewIN MY OPINIONCYBERSECURITY TODAY, 2020 AND BEYONDBy Rizwan Hafeez, Managing Director, Information Technology, Blue Cross Blue Shield AssociationCybersecurity is the practice of protecting computer systems, networks, and software programs from digital attacks. These cyber-attacks are usually aimed at gaining, accessing, changing, or destroying sensitive information, often extorting money from users and disrupting business processes and operations. Today in 2019, Ransomware attacks have increased and costing victims billions of dollars. Hackers are becoming more sophisticated and able to deploy technologies to literally kidnap an individual or organization assets and hold the information for ransom. A hacker then asks for various forms of cryptocurrencies to protect their anonymity. Simultaneously, attacks on cryptocurrency holders and miners are on the rise in 2019. For miners, there are an increasing incidents where the hacker will overtake the majority of their computing power and cause serious performance issues. Another threat that's on the rise today is the connected cars and semi-autonomous cars. Most connected cars use tethering functions via the smart phones but by the end of 2020, 90% of the new cars will be connected to the internet. Hackers will use those vehicles to exploit vulnerabilities and steal sensitive data - additionally hackers could cause serious safety issues. Today, implementing effective cybersecurity measures are particularly challenging because there are more devices than people, and hackers are becoming more sophisticated as well. Individual and organization needs to look at their cybersecurity through a layered approach for effective defense.What's the Cybersecurity layered approach? Many think of a cybersecurity layered approach in terms of technology/tools. But the most effective cybersecurity protection is to have a strategy around people, process and technology/tools combined. Hackers typically go through these layers to penetrate across the computer systems, networks and software programs to exploit individuals, companies and businesses. A proper awareness and controls are needed at all these layers for best defense.People must understand weather at home or at an office, basic data security principles like choosing strong passwords, being aware of attachments in an email from unknown recipients, always locking devices while unattended, sensitive sites like banking and or medical should never be used on public devices. Lastly, be aware of social sites for anonymous friend requests as hackers then can gain valuable information about your background and extort that information against you.There needs to be a strong adherence to process and how to deal with both attempted and cyber-attack breaches. A set of security related processes clarifies on identifying attacks, protecting systems, detecting and responding to threats.Technology/Tools are a must to give individuals and organizations the security needed to protect themselves from cyber-attacks. Three main entities must be protected from technology perspective: computers, smart devices and networks. IN MY OPINION
< Page 7 | Page 9 >