When was the last time you clicked a link that infected your computer?  Was it an email or during a web search?  Most people struggle with understanding how this happens or what to do next.  The whole concept of cybersecurity is often misunderstood, so preventing cybersecurity attacks can be just as daunting.

Because October is cybersecurity awareness month, the Chamber’s Ready Carlsbad Business Alliance conducted a business-oriented CyberSecurity Symposium, coordinated by RCBA committee members Josh Mazur and Bob Welty, on September 16th at ViaSat. Speakers included experts from San Diego Cyber Center of Excellence, RADM(ret) Ken Slaght, from the San Diego Securing our eCity Foundation, Ms. Liz Fraumann, and from ViaSat, Mr. Jerry Goodwin. Topics included CyberSecurity Awareness, Preparedness and business continuity. Feedback from the attendees was one of strong appreciation of the presentations and of the message of their content.

Here are some tips on how to keep you safe.

Define the threat.  Computer security, also known as cybersecurity, is the protection of physical computers and their information systems from theft or damage to the hardware, the software, and to the data on them. This includes disruption or misdirection of the service tasks they provide. Reread that statement so it sinks in. Computers, files, data, network connections, and accessibility are all included.

Prepare for an attack. Please make sure you have some of the basic protection including updated anti-malware and antivirus software that is scheduled to scan the computer at least monthly. If an email looks suspicious don’t open it; disregard it and/or check with the sender. Try to understand why you are being targeted. Common attacks include: Nation State attacks, Rampant Malware, Healthcare record theft and privacy breach, Corporate Espionage–IP theft or destruction, Insider Threats, General data destruction, Financial theft, Extortion and Ransomware, Third Party Breaches to reach vendors (this is how Target was breached).

How should you respond to the attack?  Have a plan in place that identifies how and when you have experienced a cyber breach. Many users think that their computer is just “acting funny” but seems to be functioning ok so it stops there. Inform your staff and any external IT vendors to report all suspicious activity. A single workstation with a virus can take down a workgroup immediately or months after being infected. Having plans for which staff are either unaware, or are not familiar with when it is time to act, is much like having no plans at all. Reporting and documenting an attack are critical response activities.

How do you recover from a cyber attack? After an incident, there will often be remediation work required to restore the organization to operational normalcy. This could involve restoring applications, rebuilding host machines, changing configurations, adding new services, etc. Having a plan for restoring is critical to recovery, so please double check your backups. A security incident and breach is always to be avoided, but when one occurs it becomes an opportunity to improve upon policies and procedures. Take some time to talk with your coworkers about what they feel is the biggest cyber threat and then get some basic training on how to prevent an incident.

The Ready Carlsbad Business Alliance is dedicated to promoting business emergency preparedness, continuity of operations and community recovery through services, educational programs and cooperative partnerships. Cybersecurity is a broad topic that often can be over looked and confusing but has the potential to leave individuals and businesses scrambling to recover from a disaster just as a fire or flood will. If you are interested in learning more please contact Josh Mazur or Bob Welty and keep an eye out for the second cyber symposium being put on by the RCBA.