Cybersecurity: Evolving and Learning

Tyler’s recent 12th Annual CyberCrime Symposium did not disappoint. The long-awaited in-person conference, held in Portsmouth, New Hampshire, brought together over 100 industry peers from across New England and the United States. As a result of the chaos and rise in cyberthreats caused by the pandemic, this year’s conference centered around the future of resilience. Over the course of two days, attendees heard from eight industry-renowned speakers about a multitude of cybersecurity topics, including encryption in the cloud, vulnerabilities and how they can lead to major disruptions to critical infrastructure, the importance of cyber insurance, and what the future of cybercrime holds from a law enforcement perspective. An overarching message echoed throughout the conference venue by speakers and attendees alike.

The topic of cybersecurity is seen in the news – and usually not in a good way – every day. We can no longer think in terms of ‘if’ a cyberattack occurs. The mindset now must be ‘when’ a cyberattack happens, as organizations of all sizes and sectors continue to get hit with clever cyberattacks that often go unnoticed until major, irreversible damage has been done. From phishing campaigns to third-party supply chain breaches, to exploiting vulnerabilities, stealing credentials, and more, threat actors will take any measure they can to access valuable data and carry out crippling ransomware attacks.

Unfortunately, public sector organizations, like schools and counties, have been a prime target for cybercriminals. Oftentimes they do not have the budget to invest in dedicated security staff or cybersecurity tools and training. The shift to remote working and learning has opened a plethora of new opportunities for hackers.

According to the 2021 Annual Threat Assessment, “Transnational criminal organizations will continue to employ cyber tools to steal from the U.S. and foreign businesses and use complex financial schemed to launder illicit proceeds, undermining confidence in financial institutions.” Matt O’Neill, CyberCrime Symposium speaker and U.S. Secret Service Special Agent, confirmed that “Financially motivated attacks take the cake for the most common attacks in 2021. The two most used terms in [cybersecurity] forums are ‘bank account’ and ‘credit card,” he said.

In fact, experts predict that global cybercrime damage will be around $10.5 trillion by 2025, as compared to $6 trillion this year. The writing is on the wall, and for those less fortunate, it’s on their networks. It’s never been more important for organizations to invest in cybersecurity.

The three pillars that make up a strong and resilient cybersecurity program include people, process, and technology. Without thoughtfully practicing and implementing each of these components into your organization, things are bound to slip through the cracks and incidents will occur.

First, an organization’s people can be your greatest asset or weakest link when it comes to keeping data safe. Employees need to have cybersecurity knowledge and awareness so they can act as stewards towards their organization. Start off with training them on how to spot a phishing attempt and creating strong passwords. IT and/or security staff should be attending thought leadership conferences – such as the CyberCrime Symposium – regularly, so that they can share information with their peers and gain relevant information needed to inform cybersecurity priorities. Cybersecurity education is one of the most important steps we can take to further secure data and keep bad actors out. Consider outsourcing training and education to take advantage of the knowledge of your peers.

Next, it’s essential to have processes in place, which includes frequent trainings. Create a schedule for cybersecurity education. Have policies and plana – like an information security policy, incident response plan, and business continuity plan -- documented and be sure to regularly distribute any relevant cybersecurity information or threats to employees. Always keep your processes top-of-mind so you can be prepared to switch them up or implement them at a moment’s notice.

Finally, technology needs to be incorporated into your cybersecurity program. Antivirus, antimalware, firewalls, and managed threat detection and response tools are just a few of the essential technologies you can use to get started with keeping valuable data safe. If you’re an IT leader, make sure your ongoing cybersecurity hygiene includes updating and patching hardware and software as soon as it’s needed, because without frequent updates, you will be vulnerable to risk.

Stay educated with us!

By equipping your organization with ongoing education and cyber defenses, you will be better prepared to adapt, ward off, and respond to the many cyberthreats that will undoubtedly impact so many organizations today, and in the future. Enhance your program by taking advantage of a few of our complimentary resources.

• Visit our Cybersecurity Resource Center for frequent updates, articles, webinars, and more
• Subscribe to our Daily Threat Briefing – then distribute relevant information to your employees – to get threat updates and news directly to your inbox daily
• Watch the CyberCrime Symposium presentations on-demand now until November 30th to see a full version of some of the most important cybersecurity challenges and lessons the pandemic brought about

Interested in attending next year’s event? Email ccsym@tylertech.com to get on the invite list!

Subscribe to our Daily Threat Briefing!

Sometimes, it can be hard to find the time in the day to research the constantly changing cybersecurity landscape. Stay informed on emerging threats and help inform business decisions – subscribe to our complimentary Daily Threat Briefing now!