According to a Charlotte-Mecklenburg police report, Central Piedmont Community College experienced a ransomware attack that was discovered on February 10, 2021. Phones, email and the Blackboard learning system are all offline and classes remained closed. CPCC is working with CMPD’s Cyber Crimes as well as the FBI and NC Department of Public Safety to determine the extent of the attack.
On Friday WSOC Channel 9 News reporter Ken Lemon called to interview Reda Chouffani, Biz Technology Solutions’ CTO and Co-founder. For Chouffani, this was an attack that hit close to home as Chouffani and his brother Mike are alumni of CPCC. Chouffani told Channel 9′s Lemon that breaches usually begin with an email encouraging someone within the system to click a link. “And all it takes is one click in some cases to really create some painful situations,” said Chouffani.
North Carolina has experienced a record number of data breaches in 2020, a 36% increase from the record that was set in 2019, according to the N.C. Department of Justice. What does this mean for other institutions and businesses in the Charlotte area?
10 Things Charlotte Businesses Should Learn from This Cyber Attack So They Don’t Become The Next Victim
1. Be prepared by proactively identifying your security gaps
A security audit helps your business prepare for potential cyber risks and challenges to your daily operations. As technology continues to evolve, a security audit is a strategic decision to protect your business, partners, and clients.
2. Invest in your first line of defense with end-user education and awareness
Nearly 90% of data breaches are caused by human error. Studies show the majority of cyber-attacks are attempts to exploit the human factor through luring phishing attempts and other related efforts. Cybersecurity training is key to developing a sustainable business in today’s digital landscape.
3. Create a disaster recovery and business continuity plan to prevent downtime
In one form or another cyber-attacks and disasters are an unfortunate reality for every business. A disaster recovery plan is designed to help you safeguard business operations following a disaster such as a malware attack or a natural disaster.
4. Leverage a Security Operations Center (SOC) and 24/7 monitoring
A SOC is a specialized team that monitors, detects and responds to multiple types of cyber threats and incidents. The reality behind a cyber attack is that most of the malicious and damaging activity occurs after-hours when hackers know nobody is looking. 24/7 monitoring ensures that emerging threats and advanced attacks are identified and prevented before the damage is done.
5. Protect against threats with Advanced Threat Detection
In today’s environment, businesses must take a layered approach to cybersecurity. This includes various security solutions including Advanced Threat Prevention (ATP) and Advanced Threat Detection (ATD) solutions. With this approach, intelligent software is used to detect abnormal activities happening in email attachments or endpoint devices that may signal ransomware or other malware attacks.
6. Require employees to sign technology policies
Technology policies provide a structured and standardized set of guidelines for businesses and their employees to follow. Some key policies to consider are Bring Your Own Device (BYOD), Internet Usage Policy (IUP), etc. These policies play an important role in helping to protect the business.
7. Explore mobile device management best practices
Mobile Device Management along with Mobile Threat Detection is invaluable when it comes to enhanced protections on mobile devices. Mobile devices often have full access to the organization’s network and pose a risk for a data breach.
8. Create an Incident Response Plan
The data your business has is one of its most important assets. Every business should plan for the unexpected, including a data breach, that can harm your reputation and ultimately your business. The response plan essentially outlines the steps that must be taken to mitigate damage should a breach occur.
9. Partner with a reliable Managed Technology Services Provider
Working with a Managed Service Provider allows you to enhance your cybersecurity strategy through their security expertise. Since MSPs take a solution-based approach to security including physical reinforcements and encryptions you get complete visibility of your infrastructure and address any security gaps you may have. A mature strategic IT partner should have added layers of security in place to protect themselves which in return protects their clients.
10. Take advantage of Managed Security Services
With Managed Security Services you have an advanced team keeping your business up to date on the most common threats to your technology environment. This ensures they are compliant by implementing the appropriate security measures needed.
At Biz Technology Solutions, we offer a comprehensive range of Managed Security and Managed IT Services to meet the needs of any business. If you’re struggling to keep your business systems protected, or if you’ve discovered that you have poor security practices that need attention, Contact Us Today!
WANT TO PROTECT YOUR BUSINESS? CLAIM YOUR COMPLIMENTARY CYBERSECURITY TOOLKIT!
The first step is knowing your vulnerabilities. Small businesses face unique challenges with the ever-increasing threat of cybercrime. With limited time and resources to devote to information security, you are a prime target for cybercriminals. Identify your cyber risks with our complimentary Cybersecurity Toolkit.