More and more we hear the term “cyber” and things like “ransomware” or “malware”:
- “Ransomware strain led Kentucky hospital to an internal state of emergency”
- “Northern Kentucky ransomware attack”
- “Kentucky-based fine spirits manufacturer targeted”
- “Kentucky’s utility companies preparing for when, not if ”
- “Kentucky’s cybersecurity defenses fend off an average of 92,000 security threats a day.”
As the world becomes more connected, criminals and others seek ways to infiltrate our systems, steal our money, make mischief or cause harm – “A hacker tried to poison a Florida city’s water supply.”
For many of us, the inner workings of our computers or our tablets or phones is a mystery. If I can turn it on and get to my email, things are going pretty well. These hackers might as well be magicians, and since they are using magic, there is not much I can do about it.
Fortunately, that is not exactly true. There are tried and true methods that greatly reduce the risk or the chance of being hacked. Some of them are quite easy and others can be difficult/expensive but fortunately, grant funds are becoming available.
In conjunction with KOHS and other state and federal partners, KACo will assist you to conduct an assessment and develop a plan. In addition, the new grants will provide a method to remediate many of the identified issues or vulnerabilities. Stay tuned as more information about the grant becomes available.
Here are 10 things that you can do to reduce your chance of becoming a victim:
- If you use remote access tools and cloud services (email, banking, HR, etc.) turn on multifactor authentication.
- Identify critical information and back it up. There are many great ways to do that. It could be as simple as a couple of external hard drives or syncing your folders to a commercial cloud service.
- Ensure that operating systems are up to date and you’ve turned on automatic updates.
- Provide cybersecurity awareness training for your staff and discuss password security.
- Sign up for free cybersecurity services from Multi-State Information Sharing and Analysis Center or Certified Information Systems Auditor.
- Develop an incident response plan and disaster recovery plan, and test those plans.
- Turn on logging, everywhere.
- Make cybersecurity a priority and adopt a standard practice.
- Develop processes and procedures to make this a sustained and repeatable program.
- Conduct an assessment, and understand where you’re strong and where you may need additional support.
If you look at this list and don’t know how or where to get started, or if you don’t have the time or resources to work on this, KACo and the Kentucky Office of Homeland Security (KOHS) are here to help. For more information, call (502) 223-7667 or (502) 564-2081.
Read this article in this month's County Line magazine or download a PDF here.
Phillip Ross is a Cyber and Geospatial Analyst for the Kentucky Intelligence Fusion Center, located in the Kentucky Office of Homeland Security. He has more than a decade of experience in the intelligence field to include military, counter drug and CBRN intelligence.