In 2022, Data Privacy Week is taking place from January 24-28. It is crucial to raise awareness about data privacy during this week-long initiative. However, data privacy concepts remain essential for securing and managing personal information all year.

October has been dedicated to Cybersecurity Awareness Month every year since 2004. However, as this year’s Cybersecurity Awareness Month comes to an end, your Data Evolution experts are here to remind you that cybersecurity matters every day.

Your network infrastructure takes time and effort to strategize and develop. Any compromise to your network or infrastructure can disrupt connectivity, communication, and other operational activities. Network infrastructure security is crucial to your productivity.

Your passwords are like the lock to your house. You would not offer the keys to random people or install a simple lock that any criminal could pick easily. Any compromise to your password security could potentially hurt your credit, financial health, identity, and more.

These days, social engineering attacks are one of the top threats to your company’s cybersecurity. A recent study found that, on average, organizations get targeted by more than 700 social engineering attacks per year. This type of threat includes techniques such as phishing and ransomware, and it relies on a lack of awareness, attention, and time to assess the threat.

You don’t need to be a hardened sea dog to know the bigger the fish, the harder to catch — but the bigger the payoff. Cybercriminals understand this concept, too. And as their phishing  techniques become increasingly polished, they’re turning their harpoons on the leviathans of the business world: the C-suite.

When cybersecurity experts talk about whaling, they could mean one of two types of attack:

• A spear phishing attack directed against senior executives, with the goal of accessing customer data, bank account numbers, passwords, or any other valuable information. (As described in this recent Kaspersky article.)
• A spear phishing attack in which the attackers digitally impersonate a senior executive, in the hopes of tricking lower-level employees into making a wire transfer or revealing sensitive information. (As described by Mimecast here.)

A trustful nature is, under most circumstances, not a bad character trait to have. But to cybercriminals, a little too much trust — combined with a generous dose of curiosity and inattention — is just the crack they need to worm their way into your biotech firm’s data.

Recently, I wrote about phishing , one of the most widespread and effective techniques used by hackers today to steal data, infect networks, and disrupt business. In its most basic form, phishing casts a wide net in the hopes of reeling in a few gullible individuals among thousands.

But hackers have a much more precise — and potentially devastating — weapon in their arsenal: spear phishing.

Despite all the advances in cybersecurity in recent years — iron-clad antivirus, impenetrable encryption, spookily effective spam filters — hackers are still breaking into even the most secure organizations by taking advantage of their weakest position: the human element.

According to some estimates, up to 91 percent of data security attacks begin with a false email intended to dupe the receiver into giving up login credentials or installing malicious software. This technique, a favorite of hackers worldwide, is called phishing.

If you read the news these days there always seems to be a new article about a data breach, virus or hacking threat. They are usually about large companies (remember Anthem’s identity theft breach where tens of millions of SSNs were stolen?) but multinational corporations aren’t the only ones being targeted.  Even small to mid-sized companies get hit - we have seen an increasing number of targeted attacks at some of our very own biotech clients. There are two threats in particular I want to share: