For small businesses, there are cybersecurity resources and best practices available.
Victor Malloy, Texas Cybersecurity Compliance Program project manager at the UTSA IED, leads a cybersecurity training program for small businesses.
Malloy has more than 20 years of experience as a leader in information technology programs with the U.S. Air Force, Department of Defense, and the financial services and defense industries, including leading daily cyber operations within the Air Force Cyberspace Operations Center. He provides expert technical guidance on defending against cyber threats.
“All of us must take actions to protect ourselves from organized attacks like the ransomware incident that has significantly impacted the energy sector,” Malloy said.
Malloy recommends following the cybersecurity ACES mnemonic:
• Awareness: Know that when a cybersecurity incident happens to someone else, it affects everyone, even those who don’t use electronic devices. In the case of this incident, the supply of energy resources is causing increases in the cost for all consumers.
• Current Updates: Make sure to use the most updated versions of web browsers, email applications, and hardware updates for mobile phones, laptops and electronic devices. Manufacturers have a responsibility to design security fixes to products purchased for use at home or in business.
• Education: Learn about proper hygiene in daily digital habits. Use multifactor authentication to access mobile phones, laptop and information systems. Keep backup copies of all critical files, documents and records for personal information. Follow organizations’ information security policies and procedures.
• Stay Vigilant: If there is something suspicious in a text message, email or phone call, report it immediately to a law enforcement, security official or an organization’s leadership. Malloy offered an overview on how to mitigate the risk from ransomware attacks on organizations.
“The bottom line is to back up offline, use multi-factor authentication for all users, and validate email links and email attachments,” he said.