MARSHALL TWP, Allegheny County — FBI and private industry experts held a cyber security seminar Tuesday to inform attendees about the importance of preparing their businesses against cyber security attacks.
More than a dozen business people gathered in the DoubleTree by Hilton Hotel Pittsburgh-Cranberry in Marshall Township, to learn how to protect their businesses from a cyber attack and what to do in the event of a security breach.
FBI Special Agent Michelle Pirtle, a private sector coordinator for InfraGard, a public-private partnership between the FBI and private industry, kicked off the seminar emphasizing the seriousness of cyber security and gave three questions companies should ask in considering cyber threats.
“Who do you hire? Who are your clients? And what do you do as a business?” she asked. “Those three categories will help define what you could potentially become a victim of.”
Industry experts John Stiles, CEO of Connectivity Communications, and Karen Puchalsky, CEO of Innovate E-Commerce, walked attendees through preparing their companies to “protect, detect and respond” to cyber attacks.
Stiles spoke first on “protect,” emphasizing employee training, software safeguard maintenance and backing up important data.
“A risk assessment we believe is a really good place to start,” he said.
Understanding where the company is vulnerable lets it focus its efforts in protecting vital assets and training employees to best avoid a situation and to respond in the event of a breach.
“This is so critical. Most people that just use computers as part of their jobs are not cyber experts so they don't know,” Stiles said. “Employees are the primary vectors. (Hackers) are going after those guys all the time.”
Stiles emphasized assessing software safeguards, specifically firewalls, and encouraged companies to have these looked at annually.
“Less than 60 percent of customers that have firewalls have all of the features in effect,” he said. “Use what you have. You paid for it.”
An annual best practices assessment could help companies keep up to date and fully functioning.
Stiles also recommended backing up important data and making sure these backups are working and uncompromised.
“What I found, especially in small and medium businesses, is people are doing their backups, they're maintaining their backups, but they're not testing their backups,” Stiles said. “Test everything, and then test it again, and then test it again.”
Even with all of these things in place, it's still possible for a breach to occur. When this happens, it is important to detect the breach quickly, Puchalsky told attendees.
“How comfortable are you in detecting a breach in your organization? What is your most critical and sensitive data?” she asked. “You have to look at who is responsible for monitoring all these logs.”
It takes companies an average of 200 days to detect a breach, Puchalsky said, and in that time a hacker can steal a lot of information. Everyone from employees to customers are at risk.
Here again, training is important as employees need to know what actions can lead to breaches and what to do if any mistakes are made. She equated the importance of monitoring cyber security to a casino monitoring its money.
“Money is their most important asset,” Puchalsky said. “You need to look at monitoring your information the same way casinos monitor their money.”
Once a breach is detected, the company can begin to respond. IT personnel can begin isolating the problems and looking for ways to restore the system's security. In the meantime, the company needs a plan to function while these restoration efforts are in progress. Puchalsky said.
“You have to look at what has to go on in your business while you're recovering from a breach,” she said. “So if you don't have a recovery plan today, now is the best time to get it.”
How can employees work while the system is down? What will the message be to the public, and who should deliver it?
All of these things need to be thought of, she said.
Additionally, it is vital to have a plan to have the most vital systems available even while the system is being restored.
“Have you identified what processes and operations must continue while your recovering from a breach?” she said.
On the law enforcement side, Pirtle said there are few better places to handle cyber security breaches than the FBI's cyber squad in Pittsburgh.
“We have a phenomenal cyber squad. Our cyber squad is one of the premiere cyber squads in the FBI,” Pirtle said. “We get some of the largest cases. and part of that is because we have phenomenal working relationships with you as an industry, our United Attorney Office, and we have the skills to work those cases.”
She emphasized the importance of reporting crimes to the FBI as hacks can sometimes be linked to other hacks and find the attention of law enforcement cyber specialists.
“Our role is to focus on not just individual cases, but cases we can link together,” Pirtle said. “That's why it's important for you guys to report crimes and specifically cyber crimes to the FBI.”
Information can be found at the FBI website or YouTube where Pirtle recommended watching the FBI's videos on the topic.