Kris Kormany, Chief Executive Officer and founder of TECHWAY Cyber Security Services, talks about protecting businesses before, during and after a cyber attack.
You’ve been working in the cyber security field for more than seven years: what’s the biggest misconception about cybercrime?
There are two big misconceptions, both of which have to do with human misjudgement. The first misconception among employees and leaders in organizations is that they don’t think that they will be affected. But in fact, it’s not a question of whether a company is hacked, but when it is hacked.
The second misconception relates to the assessment of cyber security technology in use. Systems like firewalls have been around for decades and provide good protection. However, those responsible in the company often underestimate the human factor in cyber risk.
What is the human factor in cyber security?
For example, a hack of an online store leaks your personal data. Months to years pass before you learn of this theft, during which time you are a perfect target for hackers. In such a scenario, even the best firewall can’t protect you, and risks will be created for the employer.
What measures can protect against a hacker attack?
Audits and benchmarks according to standards such as CIS or NIST can help protect you against attacks, as they allow companies to identify and address their own vulnerabilities. Technical measures are also necessary, but can’t cover everything. Companies need to train employees in particular with targeted workshops and awareness measures and not bore them with countless phishing campaigns.
Can you still protect yourself after a hacking attack has happened?
Today, alarming solutions only inform once the actual data such as email address, phone number, passwords or credit card details are already in circulation. In the case of targeted hacker attacks, the darknet may become aware of planned or completed crimes much earlier. Our eIDENTITY solution alerts at this stage and our customers can change passwords and have credit cards blocked before the data is misused.
What will it take to strengthen cyber security in the increasingly digital future?
People need to understand what happens to their data during and after a hacking attack and how to respond. It’s best to render stolen data unusable before it is misused by hackers. This message needs to get through to the people. Thanks to our close collaboration with C-Matrix, as experts in the field of cyber security, we can distribute this message to individuals and companies through various communication channels.
C-Matrix supports cyber security related communications such as awareness campaigns and workshops.
Lina Lanz has worked on communications campaigns impacting Swiss society and business. These include the Covid vaccination campaign for Zurich Health Department and cybersecurity communications for the Swiss Armed Forces. She provides strategic communications advice to local and international clients across Financial Services, Healthcare and ICT.