Teknologize had the amazing opportunity to sponsor and participate in the Northwest Cybersecurity Symposium this week. The symposium, held over two days in Richland, WA at the Discovery Hall at PNNL, was a chance for researchers and industry professionals to talk about what is happening in cybersecurity today, how the field is changing, and new advances from both an offensive and defensive perspective.
Our participation was two-fold. Aaron Welling, Business Intelligence and Technology Strategist talked about how social engineering is taking advantage of the way we’ve been trained to work with others and offered solutions on how to retrain organizations to be less vulnerable. The other element of participation was with Byron Martin, CEO of Teknologize, who was part of an industry panel that talked about the state of cybersecurity for businesses today, the biggest concerns they see, as well as the state of privacy and technology and its future.
While our participation was a great privilege, what we learned was more worthwhile. Here are a few nuggets that we picked up and wanted to share:
- 16 years ago, we were told to be careful on what we click because it might be a virus. In 16 years, that has not changed. No solution has been created to fix this. In fact, the problem is worse because phishing emails and pop-ups are more pervasive, ingenious and enticing, and the effects are more crippling and financially devastating.
- 90% of all breaches are because of phishing attacks.
- 1.5 million new phishing sites are created each month.
- In a study that simulated phishing attacks by sending out fake phishing emails, 30% of all emails were responded to, which means for every 10 employees, 3 of them are likely to cause a breach.
- The FBI recommends that you do not pay when you have a ransomware attack, as it simply encourages the hackers to keep doing it. However, 98% of all ransoms are paid because people don’t have an adequate backup of their system and have no other recourse.
- Ransomware is so effective and such a big business that there is a customer service line in Albania if you have trouble using your decryption key.
- While most ransomware is decrypted easily, there is no guarantee that it will work. Hackers will often make you pay twice to get your info back!
- Every time a company is breached, it doesn’t affect just that company. If they stay in business, those costs (which average $130,000 for small to medium businesses, $1.3 million for larger ones) are passed on to each of us as consumers. In the end, we all lose.
The conference was a good reminder of the impact of cybersecurity and how we all need to think about it more often.
A big thank you to the organizers of the event for the caliber of presenters and the great discussions. We look forward to next year’s event!