I recently attended the St Joseph County Cyber Attack Response Crime Symposium sponsored by the St. Joe County Chamber of Commerce. Cyber Crimes Investigator Mitch Kajzer with the St. Joseph County Prosecutor’s Office presented.
About 40 people with varied backgrounds and job descriptions attended. Most were business leaders and few in IT. I was disappointed that the classroom wasn’t packed. This may be indicative of the fact that our regional businesses still don’t take cybercrime seriously. I do predict this will change in 2016 as more and more businesses suffer business downtime due to poor security.
Here are a few things I did learn from Mitch:
- If a business suffers a breach, call the PD directly and open a case. Detectives will be notified and the case routed to Cyber Crimes division.
- The Cyber Crimes division will work with the business to bring the perpetrator to justice if possible.
- As the Cyber Crimes division is part to the County Prosecutors office, businesses aren’t charged for their engagement.
- If tools like logging, intrusion detection, network monitoring aren’t in place already, it will be close to impossible for the Cyber Crimes division to identify and prosecute the hacker.
- Mitch confirmed that 90% of the malicious attacks occur via phishing email. Don’t interact with email messages with whom you aren’t absolutely sure originate from a trusted source.
- Mitch leveraged much of the same info I use from the NIST.Gov site regarding best practices.
And remember, there are only two types of businesses, those that have been hacked and those that will be. Orion Group specializes in preventing these types of attacks. Contact us today to get an onsite assessment of your business’s vulnerabilities.