At multiple trade shows over the past few months across a variety of industries, including the Western Petroleum Marketers Association (WPMA), the International Franchise Association’s (IFA) and MURTEC (the Multi-Unit Restaurant Technology Conference), a common theme emerged. No matter the industry, the type of business or the size, cybersecurity remains a top priority, whether a company has its own internal security team or relies on an outsourced Managed Security Services Provider (MSSP).
Despite the variations in what these industries sell, how they operate and the markets they serve, there are more commonalities than differences when it comes to protecting their networks. Here are five takeaways from these recent tradeshows that can benefit every type of enterprise when it comes to cybersecurity.
Strike a balance between “Security” and “Access.” Network security, by its very nature, adds friction to the user experience. It slows things down. Think of the extra time it takes for an authorization code to filter into your email with two-factor authentication. Unfortunately, too much friction can prompt employees to find workarounds or for customers to abandon the sales process altogether. For those reasons, businesses need to carefully consider the balance between protecting their networks and providing a relatively positive (or merely neutral) experience when it comes to accessing the network.
Train employees on good security practices and hygiene. Network security is only as “good” and effective as peoples’ behaviors and actions––that includes those of C-suite executives as well as frontline employees. In fact, in Cybersecurity's Greatest Insider Threat Is In The C-Suite, Forbes noted that 78% of IT leaders say the C-Suite is the most likely to be targeted by phishing attacks. Providing purposeful security training to every employee and subcontractor can mitigate those risks.
Join InfraGard, a partnership between the Federal Bureau of Investigation (FBI) and members of the private and public sectors. InfraGard provides education, information and workshops on emerging technologies and threats so enterprises can stay well-informed. Members include business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement—all dedicated to contributing industry-specific insight and advancing national security.
Scrutinize the Point of Sale (POS) system. POS systems have evolved far beyond transaction engines. Today, they integrate with innovative third-party through APIs, like the online order and delivery platforms, and with back-office software and enterprise applications. They can be connected to smart devices, like product scanners, speakers, cameras and lighting. Many also support the digital guest experience, be it mobile app ordering or having tablets at tables. Regardless of the specifics, every device and endpoint on the POS increases breach risk for an enterprise––which means each of these endpoints need to be protected to reduce these risks.
Recognize that technology innovation can also be adopted by hackers. The cybersecurity threat landscape changes at warp speed. As an example, there is a groundswell of attention on how artificial intelligence (AI) is being used for nefarious activities, like the creation of deepfakes––which become more realistic each year. One prediction is that by 2025, deepfake AI “people” will enter the workforce. Having fakes or frauds in the workplace means enterprises will be at significantly higher risk for a breach initiated from inside the network. How might a business protect itself? Perhaps by having new remote workers go in person to a facility for a background check.
While there are many different approaches to network security, every business—regardless of its size, shape or structure—is likely to find one or more of these tips worthwhile.
Not sure where to begin when it comes to cybersecurity for your business? Partnering with a Managed Security Services Provider (MSSP) ensures that your business is protected under any circumstance. Even if you have an in-house IT team, an MSSP can complement your existing resources to improve security and enable growth.
To learn more about how enterprises can protect their networks and their businesses, go here.