10 Ways to Protect Your Firm Against a Cyber-Invasion

10 Ways to Protect Your Firm Against a Cyber-Invasion

The average length of time between a new computer being hooked up to the Internet and its being targeted by hackers is six minutes, experts warn -- so it’s critical to establish a defense in depth against cyber-invasion.

“Set up a computer, and within six minutes your computer will be attacked,” said Paul Horn, chief information security officer at HD Vest, in a session at the company’s annual meeting for its financial advisors, Connect2016, being held this week in the Washington, D.C., area. “So it’s important that you get your security set up quickly.”

What’s more, financial services businesses like accountants, tax professionals and financial planners are particular targets, according to Horn’s co-presenter, Vest security architect Sonny Mauldin, who cited data on security breaches that showed that financial services was by far the No. 1 attacked industry, accounting for 30 percent of attacks across 21 industry categories, with 795 confirmed security incidents of data loss in the most recent year studied.

Between the growing sophistication of “black hat” data thieves and the enormous incentives they have to steal, it’s more important than ever that organizations protect themselves, and with that in mind, Horn and Mauldin offered a number of tips. 

  1. Keep up to date. Make sure your operating systems, browsers, applications and antivirus solutions are current with the latest updates and patches. Almost 100 percent of exploited software vulnerabilities have had a patch available for over a year, Mauldin po
  2. Don’t rely just on anti-virus software. “Anti-virus is only good against 40 percent of vulnerability attacks -- it’s not the be-all and end-all,” Horn said. “It’s about defense in depth.”
  3. Have a business-class firewall. Note that an ISP-provided DSL/cable modem is not an adequate firewall, Horn said, so you’ll want to add something extra to whatever comes with your basic Internet service.
  4. Have current backups of your systems and data. Also, make sure the backup is stored somewhere hackers can’t get at it -- and test your back up from time to time to make sure it’s working.  Read more on Accounting Today.