In just the past year, SDN Communications investigated 4,500 cybersecurity threats to its business and institutional clients. Each threat involved anywhere from a single to several thousand attacks.
Mark Shlanta, CEO of SDN, shared that discomforting, numerical reality on Sept. 3 at a U.S. Senate committee field hearing at Dakota State University in Madison, S.D. The Senate Committee on Commerce, Science and Transportation, which is chaired by Sen. John Thune, R-S.D., held the hearing about “Confronting the Challenge of Cybersecurity.”
Shlanta was among several local and national experts invited to testify at the hearing.
“Cybersecurity is not a problem limited by geography or to high-profile retailers, financial institutions and the federal government. Anyone using technology is a target,” Shlanta said.
As an example, Shlanta reviewed the experience a small business client in the Sioux Falls area that is in the manufacturing sector. Last year, attackers from as far away as Brazil used 100 different methods to try to break into the company’s network. The company fended off the attacks with the help of SDN’s Managed Firewall Service.
Companies such as SDN provide a variety of services that can help businesses significantly reduce risks. However, businesses have a duty to enforce internal controls, Shlanta said.
“Human error accounts for 95 percent of all security incidents,” he said. “Businesses should therefore improve the cyber-literacy of their workforce, limit access to sensitive information, and take the necessary steps to properly maintain their equipment, software and websites.”
Shlanta also urged the committee to maintain its support for voluntary, flexible and scalable approach to cybersecurity risk management. That approach is more effective than hard line regulations that struggle to keep pace with evolving threats, he said.
In addition to Shlanta, five other local and national experts were among the witnesses invited to testify.
The other local experts were Eric Pulse of Eide Bailly in Sioux Falls, and Josh Paul and Kevin Streff of DSU, an institution that has achieved prominence in the area of cybersecurity. Experts from the National Science Foundation and National Institute of Standards and Technology, or NIST, also were scheduled to testify.
A complex web of federal laws currently addresses the growing risks of cybersecurity.
Last year, Thune co-led the Cybersecurity Enhancement Act of 2014 to approval. The measure, which President Obama signed last December, authorized NIST to lead the development of voluntary, industry-led standards.
Another bill, the Cybersecurity Information Sharing Act, is pending in the Senate. The House already has passed similar legislation, which ultimately might have to be reconciled with the Senate version. In addition, the president has issued an executive order to expand information sharing and promote voluntary standards to reduce cyber risks to the nation’s critical infrastructure.
The sharing of information between the government and public sectors is considered crucial to effectively enhancing cybersecurity in the United States. However, information sharing and collaboration also raise concerns about protecting private information. So political work remains to be done.
Successful attacks on businesses such as Target, Michaels arts and crafts stores, JPMorgan Chase & Co., The Home Depot, Sony Corp., and Anthem health insurance demonstrated that cybersecurity is an issue of growing relevance to all Americans, not just a threat to corporations and government agencies.
SDN also is in the process of deploying a new product to help clients fend off one of the newest threats to businesses to and government offices: Distributed Denial of Service attacks. DDoS attacks attempt to disable an online service by overwhelming them with data traffic.
Fighting new and evolving threats to data is a never-ending battle, and SDN is among the entities in it for the long haul.
SDN is among the companies that provide products and services to help customers protect themselves from attack. Learn more about the company through its website or reach out using the contact form to request specific materials.