Former FBI agent turned cybersecurity expert Robert Anderson thinks no company is too small to take cybersecurity seriously.
Anderson, who led the FBI’s cyber crimes division and helmed the search for whistleblower Edward Snowden gave advice to local industry leaders at BizWest’s Cyber Crimes Exposed Power Breakfast Thursday.
Anderson advised attendees that there’s one big way companies of all sizes can reduce their risk.
“Two-factor authentication is probably the biggest thing you can do, in my opinion,” Anderson said.
The system, which asks users to confirm log-ins by phone or biometrics, can eliminate some dangers of password breaches.
Other tools commonly used by cybersecurity experts are endpoint protection, which secure the devices that connect to a company’s servers, and managed security service providers, which monitor servers for attacks as they happen. But not every company needs to be a digital Fort Knox.
“If you’re a 10-person company, 20-person company, I’m positive there’s no one at my company that would recommend you anything more than endpoint protection,” Anderson said.
Anderson pointed out that many cyber attacks aren’t hackers at all, and instead use preexisting tools to target anyone they can.
“Five or 10 years ago, it would have been limited; you have to be a hacker to hack in,” Anderson said.
Now, bad actors can turn to the dark web to pull off ransom attacks against companies of any size. The proliferation of digital and crypto currencies allow groups to receive their ransoms untraceably.
When companies get targeted by ransomware attacks, their data can be locked up and attached to a digital time bomb. If victims don’t pay up, their data could be permanently deleted, or published — whichever the attackers think is more likely to score a payout.
While criminal organizations frequently target small businesses and individuals in the United States, Anderson said foreign governments are less likely to.
“The chance of you guys getting hit by Russia is about zero,” Anderson said.
Anderson advised attendees to begin thinking about cybersecurity protocols before an attack, rather than after it’s too late.
“When it comes to your data, how are you going to protect it?”
Anderson joined Cyber Defense Labs in 2019 after more than 20 years with the FBI, serving as executive assistant director of the Criminal, Cyber, Response, and Services Branch before moving into the private sector. After his speech, he signed copies of his new book, “L.E.T.S. LEAD: Leadership, Energy, and Teamwork = Success.”
The Dallas-based Cyber Defense Labs advises large and small companies on cybersecurity, including how to avoid ransomware and identify the bad actors on the dark web.
The Power Breakfast was sponsored by the Renaissance Insurance Group, EMC Insurance Cos. and Amwins Inc. Proceeds from the event will go to Colorado Youth Outdoors.