We are living in an age where technology has made simple tasks easier and complex functions more convenient. However, along with these advances in technology, the associated risks to consumers have evolved and become more challenging.
People’s identities can be stolen, their bank accounts drained, and their credit ruined by criminals in distant lands over the course of weeks, months, or even years.
Additionally, events such as last year’s Equifax data breach are stark reminders that everyone must play an active role in protecting their own data and financial information. Criminals and scammers operating on the Internet are continually becoming more sophisticated and savvy in the ways in which they target their victims.
Looking forward to 2018, in addition to New Year’s resolutions to protect
ourselves and our
businesses, we can also focus on a word. The word that everyone must focus on this year is “cybersecurity.”
I urge consumers to take advantage of an online cybersecurity guide launched by the Wolf Administration that includes information and tips on how to protect your family, preventing identity theft, passwords, browsing the Internet safely, and securing your mobile phone:
www.pa.gov/cybersecurity.
At the same time, I also urge businesses to recognize the existential threat to their organizations, customers, partners, and vendors posed by cyberthreats and cyberattacks. Cybersecurity is a top priority of the Department of Banking and Securities, and this issue should also be a primary concern for every Pennsylvania business.
All businesses, small and large, should be thinking about cybersecurity and what they possess that might be valuable to cyber-attackers. This includes asking questions like:
• What type of data does our business have and is it encrypted?
• Who within the organization has access to that data?
• What are we doing to secure that data from unauthorized users?
• Who should we contact if someone steals our data or launches a cyber attack?
Cybersecurity is no longer an “IT issue” but something that owners, executives, and managers in businesses both small, medium, and large must be invested in and take seriously as attacks grow with exponential ramifications.
Businesses should not view themselves as competing with each other on the issue of cybersecurity. By collaborating, we can use our collective expertise to discover the best approaches to protect ourselves and help ensure the integrity of Pennsylvania’s marketplace.
One example of how businesses are working together on cybersecurity is the recently announced
Financial Crimes Enforcement Network (FinCEN) exchange. Banks and law enforcement agencies work together in this exchange for the purpose of better identifying risks and focusing on high priority issues.
I also urge businesses to research the following cybersecurity resources:
•
The National Institute of Standards and Technology (NIST)
guide for small business owners on cybersecurity issues, which includes steps to take to better protect information systems.
•
The Department of Banking and Securities
Cybersecurity Task Force, which educates and informs businesses about information security.
Recently, I issued a
formal letter that provides businesses with an update on cybersecurity efforts and available resources. The bottom line is that businesses must take control of protecting the personal and financial information of their clients and customers -- as well as for their organizations -- and continue to work harder and more diligently to protect themselves against these evolving threats.
Cybersecurity is a complex and difficult issue, but one that cannot be ignored by anyone. It will remain an issue of high concern for governments, businesses, and consumers in 2018 and for the foreseeable future. Let’s get used to using the word cybersecurity more often.