A market maker works on the trading floor at IG Index in London, Britain January 14, 2016.REUTERS/Stefan WermuthEarlier this month, credit reporting company Equifax disclosed that hackers had accessed1 the names and social security numbers of approximately 143 million of its US customers.
The breach tarnished Equifax’s reputation, destroyed its stock2 and decimated3 its executive ranks4. No one wants to be the next Equifax and it’s a safe bet that at this very moment big and small businesses across the country are scrambling to bolster their cyber fortifications. It’s not an easy feat . But Steve Martino, chief information security officer at Cisco, has developed some clever techniques through years of fighting the bad guys.
Cisco employees are constantly kept on their toes as Martino probes them for weak spots and drills a defensive mindset into them.
Martino sat down with Business Insider to share some of his key tactics for creating an organization that won’t become the victim of the next big cyber attack . Here’s what he recommends:
Kill your click-throughs
In online business, big click-through rates are great: it means customers are clicking on links and web pages to buy stuff.
Inside a company though, high click-through rates can be deadly as a daily barrage of phishing emails and other nefarious tricks try to entice susceptible employees into clicking a dangerous link.
Martino sends out fake phishing emails to Cisco’s entire staff every quarter .
Anyone who clicks on the phishing link is brought to an employee training video to teach them how to avoid engaging with suspicious emails in the future . The method works because it helps every employee understand their role in protecting their company against attacks.
“We’ve been able to reduce our click through rates by over 60% by giving them that training,” Martino says.
Protect your treasure
It’s extremely difficult to protect against every possible method of intrusion, so it’s best to focus on protecting the most important data. Figure out which customer and company data is most sensitive, as well as which portals of entry are most vulnerable, Martino advises.
“If you don’t know what your key things are, you’re trying to protect everything and you probably protect nothing,” he says.
Seek and destroy
Expect that attackers will get through some of the time and actively seek out the intruders.
“You have to recognize that in today’s interconnected world, no matter how much you deploy, mistakes will happen,” Martino says . From employees that click on phishing emails, to programmers that build buggy software, human mistake is often at the heart of security.
“Hackers are dedicated, and well funded adversaries, and they’re going to find errors in software,” says Martino.
Because of this, it’s vital that security teams actively look for existing breaches. One way to do this is to look for cybersecurity software which can work together, so that when something goes wrong at one point in the security process, protections are in place to prevent it from going any further.
Practice “fire drills”
Every student and office worker knows how to get out of the building fast if there’s an emergency . The same should be true for responding to cyber threats.
Martino recommends that management teams set up a cybersecurity playbook with defined steps that the team needs to take should their worst nightmares come to fruition.
Once the playbook is established, and roles are doled out to the staff, companies should run drills for security breaches the way that schools run drills for fires: The more a company practices, the better prepared staffers are when something does go wrong.
Spread the word
While a playbook is vital for the cybersecurity team, it should also include a prepared responses from other departments especially the communications team.
Most states have security breach notification laws that require companies to disclose when consumers have been impacted by a hack .
Companies also need plans for how to notify their board of directors, and other major stakeholders at the company .
And don’t forget to prep an apology statement to send to the press.
“If you don’t have a disaster response playbook, you’re going to try to make it up on the fly and make a lot of mistakes,” Martino says.
This is the terrifying moment a gun gang ambushed security guards in a 100,000 bank raid. Three masked men pounced at a branch of Santander in Walkden in the early hours of the morning. Footage shows how a G4S vehicle was parked in an alley at the side of the bank.
A distinctive Mini Cooper car, with the robbers on board, is seen arriving in the street as an innocent woman pedestrian walks by. One of two guards then alights from the van and starts to walk towards the entrance of the bank. The Mini pulls up at speed next to bollards near the pavement and the guard hurries towards the door of the bank, but one of gang springs from the car and tailgates him into the building.
The robber is then quickly followed by two others.
The armed men can be seen chasing the security guard into the bank
Once inside the building at the Ellesmere Shopping Centre in Bolton Road, one of the gang pressed a pistol into the guard s back after forcing him to lie on the floor. Within 30 seconds the gang emerge from the bank and drive off. One line of inquiry is that the gang had inside information.
As well as a handgun the gang were also armed with a machete. Their red Mini was later found abandoned behind a row of shops in nearby Sportside Avenue. The raid took place at around 1.20am on September 7th .
Neither of the cash couriers were injured but were left shocked by the ordeal. In recent weeks, Salford has also suffered another similar bank raid.
The distinctive Mini Cooper car used as a getaway car leaving the scene
Twelve days later – on Tuesday last week – two men escaped with 30,000 in another early morning bank raid in Salford. A guard was attacked outside the Royal Bank of Scotland in Mather Way, Pendleton, at the city s shopping centre.
The pair struck at 7.10am on September 19th and were armed with a crow bar.
Commenting on the Walkden raid,Sergeant Natasha Evans of GMP s Salford borough, said: This was a horrifying attack, which has left the victims extremely shaken.
Thankfully no-one was injured, but that doesn t excuse the terrifying ordeal that the victims had to endure at the hands of these violent men.
I would urge anyone that was in the area at the time of the robbery that thinks they might have seen anything that could help our investigation to please get in touch.
A thug who battered an elderly security guard with a shovel after breaking into a factory has been jailed for 14 years.
Lee Parsons left 73-year-old Joginder Singh Mattu for dead after subjecting him to a sickening 30 minute beating at Stoke Forgings metal factory in Brierley Hill1. Fellow guards found the victim hours later lying in a pool of blood with injuries so severe, it was initially suspected he had been involved in an industrial accident.
The 44-year-old pulled on a pair of overalls in an attempt to blend in, but he was caught by Mr Mattu while rummaging through an office. CCTV showed Parsons initially trying to talk his way out of the situation, but he then punched the victim to the floor before repeatedly beating him around the head and body with a shovel.
Mr Mattu, who had worked at the factory for 35 years before becoming a guard, was in hospital for six weeks after suffering serious head injuries.
The attack happened at the factory in Vine Street
Detectives checked local addresses and managed to track down Parsons at a shared accommodation building in Highgate Road, Dudley. His fingerprints matched those found on the shovel while examination of a pair of his jeans revealed blood that was forensically matched to Mr Mattu. Parsons, of no fixed address, admitted a charge of attempted murder and at Wolverhampton Crown Court on Thursday (July 6), he was jailed for 14 years.
Mr Mattu’s family welcomed the news and said the victim was still recovering at home.
In a statement released through West Midlands Police, the family said: “We re pleased with the swiftness in which the offender was apprehended.
“Dad is recovering at home and as a family we would like to draw closure on this incident; we just want to give dad time to recuperate with his family, hopefully make a full recovery and for him to enjoy his retirement.”
Detective Constable Paul Widdal, from Force CID, said: The CCTV footage was truly shocking: this was a prolonged, vicious attack and at times Parsons can be seen shouting at and goading the victim as he lay defenceless on the ground.
Click to play Tap to play
The video will start in 8Cancel
At one stage Mr Mattu did manage to stagger away a short distance but was followed by Parsons and set upon again.
Mr Mattu was in critical care for many weeks; I m delighted he pulled through but we could easily have been looking at a murder investigation.
“I am pleased the court has recognised the severity of the assault and handed down a lengthy prison sentence . Parsons is clearly a danger to the public and people are safer with him behind bars.
I also want to pay my respects to Mr Mattu; he has shown great courage and a fantastic mind-set . In fact, when he came around in hospital the first thing he wanted to know was if anything had been stolen and when told no replied I did my job then!