Cybersecurity a growing field as criminals get creative
Whether their target is a customer at a gas station, a retail chain, a large corporation or even a major credit bureau, cybercriminals are hard at work stealing money and information.
Cybercriminals will steal more than $1.5 trillion in 2018 with the most successful thieves earning upwards of $2 million. Combatting these cybercrimes has become big business, as well, with global spending on cybersecurity products and services topping $1 trillion over the next five years, according to the research firm Cybersecurity Ventures.
“The cybercriminal industry is massive,” Doug Kuring, a financial planner with Reby Advisors in Danbury, said. “It’s in the trillions of dollars. It’s scarier than ever, but there are things you can do to minimize your risk.”
Bob Reby, founder of Reby Advisors, said the threat has become so great that his firm has added cybersecurity as the 16th metric to its Lifestyle Sustainability Scorecard, which grades a client’s overall financial health.
“We added that component because we saw things like credit freezes that are steps you can take to protect yourself. We used to not score it at all. Most financial planners still don’t,” he said. “We do a lot of work on coaching people on cybersecurity and how to conduct themselves at home.”
Owl Cyber Defense, based in Ridgefield, counts among its clients defense, intelligence and governmental agencies, as well as utility and commercial companies. It specializes in data diode technology, which creates a oneway path for information and data to flow.
“They (cybercriminals) can’t hack the box because the data can’t go in the other direction,” Scott Coleman, director of marketing and product management at Owl Cyber Defense, said. “It’s a paradigm change. Instead of people reaching in, you push information out to whom you want to see it.”
Coleman said firewalls and similar protective measures are effective to a point but can be bypassed, and it’s often too late by the time they recognize a threat.
Data diodes are highly controlled hardware that isolate and protect networks from external sources. The user selects only the information it wants to flow to a specific recipient.
Coleman said the Equifax data breach could have been mitigated by the credit bureau if it had segmenting the information it stored and shared. The 2017 Equifax data breach exposed the personal information of 143 million U.S. residents.
To mark October as National Cybersecurity Awareness Month, Coleman will lead a lecture about data diode hardware from 6 to 7 p.m. on Thursday, Oct. 18, at Sacred Heart University. The talk is open to the public. This spring, the company plans to hold a “Data Diode Day” at SHU.
Owl Cyber Defense employs about 85 people and is growing to the point that the company will move its headquarters to a larger building in Danbury by the end of the year.
“We’re in an aggressive growth strategy now,” Coleman said.
Kuring said financial planners at Reby Advisors suggest their clients do three main things to protect themselves from cybercrimes: implement credit freezes, invest in credit monitoring services and educate themselves.
Freezing your credit with the three major credit bureaus — Equifax, TransUnion and Experian — is a critical step in protecting personal information, Kuring said. Both parents as well as grandparents should freeze their credit, as cybercriminals also target the identity of children and grandchildren.
It can be inconvenient if a major investment — such as a house, car or boat — is on the horizon because the freeze would have to be lifted and reimplemented, but it’s worth the effort, Kuring said.
“If they can’t see your account, thieves can’t access or spend your money,” he said.
Hiring a professional creditmonitoring service is an “affordable way to build more security. Get at least the basic package,” Kuring suggested.
The Reby Advisors website now includes a section on cybersecurity that includes a PowerPoint presentation, blog posts and a checklist for preventing fraud. The checklist includes tips such as: be aware of suspicious phone calls and emails; don’t open email attachments from unknown sources; don’t use personal information in passwords; keep computers updated with antivirus and anti-spyware technology; turn off Bluetooth when not being used; and limit sharing of personal information on social media.
“No enterprise or individual can fully protect themselves,” Kuring said. “It’s about being educated, having an awareness. Don’t fall into their traps.”
Reby Advisors will hold a cybersecurity event featuring author Adam K. Levin, who recently published “Swiped: How to Protect Your Investments, Credit and Identity in a World Full of Scammers, Phishers and Cyber Thieves.”
The talk will include Levin’s “three M’s” of cybercrime protection: minimize (risk); monitor and manage. It will be held on Nov. 1 at Ridgewood County Club in Danbury.
Scott Colemen, director of marketing and product management at Owl Cyber Defense, in a server room at his company’s office in Ridgefield.