Sharing Information is the Key

by Laura Baker, Co-Founder CyberWyoming, 4/12/19

Did you know that the UW Campus and a bank in Sheridan and a company in Casper all reported to me that they had the exact same phishing scam hit their offices within a 6 month period? Apparently, the scammers use social media to find out when the ‘boss’ is out of the office at a conference or event and then email (from the boss’s fake personal email account) an employee asking to purchase iTunes cards for the event.

What if we had all been talking? We would have saved multiple companies heartache and multiple employees stress.

Last week, I attended Dr. Greg White’s presentation at the WAMCAT conference in Casper. Greg White is the Executive Director for the ISAO (Information Sharing and Analysis Organization) and the Executive Director for the Center for Infrastructure Assurance. He is ALL about sharing information.

Anyway, Greg talked about a community experiment that he did through University of Texas, San Antonio. In a few different communities, he had graduate students drive around critical infrastructure (like water plants and power plants) with large antennas on their cars and a computer in their front passenger seat. They were to catch the attention of local law enforcement. The experiment was to determine if law enforcement would report it 1. to their own department (after all, no laws were being broken) and 2. if their department would report it to the State.

One incident may not seem like a big deal right? But look at this picture below. It creates a pattern. Most of the time, law enforcement didn’t report the suspicious behavior, but the pattern shows that Texas infrastructure, had the experiment been real, was in danger.

Presentation by Dr. Greg White, April 4, 2019, WAMCAT Conference, Casper, WY.

So, there’s another example of information sharing.

But today, I was reading through the new Fourth Annual Study on the Cyber Resilient Organization by the Ponemon Institute and IBM Security, and the question was posed “What security technologies are most effective in the ability to achieve cyber resilience?” Look at what is number 1 and 53-60% effective!

Page 6, Ponemon Institute Research Report, Fourth Annual Study on the Cyber Resilient Organization.

Information sharing again!

Wyoming is a small enough state in that we all have one degree of separation from the next citizen. Becoming a part of the CyberWyoming information sharing network is a great way to protect ourselves and help our neighbors. Contact info@cyberwyoming.org to find out how to become a part of this network.

But what, besides talking to each other, can you do to increase the cyber resilience of your business? According to the study, you can develop your team of skilled personnel. We believe this isn’t just IT people, but also accountants that help you tighten up your AP process so you don’t get scammed, lawyers that review your security policies and help you develop an incident response plan, insurance agents that help you find the right cyberliability policies, bank reps that tell you what cyber protections are on your business accounts, and of course your economic development agencies like the SBDC, the WWBC and CyberWyoming which runs the Made Safe in Wyoming Program.

Page 11, Ponemon Institute Research Report, Fourth Annual Study on the Cyber Resilient Organization

For the full Ponemon Study, follow this link:
https://www.ibm.com/account/reg/us-en/signup?formid=urx-37792

Share:

Register to Receive the Tech Joke of the Week!

This Week's Joke:

How many programmers does it take to change a light bulb?

None, it is a hardware problem!

More Posts: