Cybersecurity threats and secure messaging
The recent exodus of Credit Suisse executive Anthony Kontoleon has raised red flags among business leaders and their employees in industries that manage sensitive data, such as banks and financial institutions. If it can happen within a reputable organization, it can happen to anyone. Kontoleon exposed its company to the threat of losing private information, suffering financial losses and losing credibility among customers and internal employees, which are prominent issues that put companies at risk through the use of quality messaging applications. with WhatsApp. In the Credit Suisse incident, and similar stories above, the situation was completely avoidable. Anurag Lal is an authority on this issue and has a deep understanding of what organizations can do to mitigate the threat of cybersecurity attacks and protect their information. For companies that manage sensitive data, it’s not about whether they face a cybersecurity threat, but about when.
Why secure messaging is important for cybersecurity
The history of Credit Suisse, and many others similar to recent news, showed that even the largest organizations still do not know how to prioritize possible cybersecurity risks. A senior banker was fired due to his practices of communicating via WhatsApp with international customers, inadvertently creating a vulnerability in the company by making customer information quickly accessible to any bad looking actor in an easy way. to enter. Although the application was not banned. of the company and the exchange of information was never appropriate and, fortunately for Kontoleon, there was no violation of the cybersecurity, standard and security surrounding the use of communications platforms in the jobs are changing and will continue to do so. In this case, organizations disapprove of consumer-grade platforms like WhatsApp as an appropriate workplace communication method due to the lack of security and ability to regulate the information being shared and the ability of attackers to intercept messages due to of the lack of the latest security measures, such as end-to-end encryption.
From the company’s internal policies to prepare for a potential threat, to the ability to recover from an attack, it’s clear that companies are playing catch-up instead of adopting. a proactive approach to this very real threat with important consequences. With each day organizations continue to use insecure communication methods, cybersecurity attacks are increasingly technologically advanced and malicious actors quickly learn to detect vulnerabilities within sectors that have confidential information. This sensitive information comes at a high price, and it would be naive to think that they will stop striving to develop new ways of intercepting this communication.
One of the most important problems that causes confusion is where to put the blame, but the truth is that the blame is on everyone. The case of Credit Suisse is both a breach of trust and a breach of an employee’s information. At the same time, the organization should have known better than to have such lax and vague communication policies when it comes to handling such sensitive and important information. When the risks are so high, it is well worth it for a company to be educated to maintain best practices at all levels, including communication methods.
While these consumer grade platforms are convenient, efficient, and even familiar because they are often used in personal communications, it is irresponsible to overlook communication methods that completely eliminate the risks that Mr. Kontoleon posed, and others like him, would go to the hot water. These consumer-grade applications compromise user and organization security, and often fail to meet regulatory requirements, specifically designed for your industry. While it seems like an innocent mistake made from the habit of using a family platform to quickly share an update with a customer, this little piece of communication instantly puts an entire organization and the customer at risk and compromises the valuable information. On the other hand, there are enterprise-level communication methods that allow users to maintain the same ease or functionality they have with current platforms that include encryption, security, and control that also allow them to comply with regulatory obligations. It seems that a senior executive would prioritize and use more secure solutions, but these situations have been increasingly present in the recent news cycle, especially in the financial sector.
What needs to be done to prevent cybersecurity threats
At a minimum, business leaders should take responsibility for implementing a cybersecurity policy that is proactive in identifying potential threats and includes an educational component that allows employees to identify phishing and phishing by SMS. , or “smishing” attacks. In addition, organizations should focus on a holistic approach to cybersecurity protocols rather than catching up as they recover from the numerous potential losses. It is crucial to have a plan to be able to quickly recover from a potential attack, examine how it happened and the vulnerabilities of the system, and adapt to avoid the same threat in the future. A good cybersecurity protocol is constantly evolving to keep up with the technological advances of emerging threats. Having a dedicated computer team that is well aware of cybersecurity threats is well worth the investment, from a financial and human resource hiring standpoint. This is where the responsibility for educating the internal workforce comes in, not just for executives, but for the entire organization.
Best practice for organizations that manage sensitive and valuable data is to ensure that the communication methods used, both internally and externally, are the safest option possible. This means that these platforms have safeguards such as end-to-end encryption and multifactor authentication security. There should be a dedicated team that plans the worst-case situations and has a plan in place that quickly addresses the threat and continues to update and develop new strategies to ensure that the same non-compliance is never repeated. Ultimately, what we can learn from the history of Credit Suisse is to be smart and invest in products that are available to provide the right business-level communication methods that have the same capabilities as those that have been causing multiple breaches of safety and compromising sensitivity and sensitivity. valuable information.
About Anurag Lal
NetSfere offers next-generation messaging and mobility solutions for a variety of industries, including healthcare, through its NetSfere Enterprise secure mobile messaging platform. NetSfere Enterprise is a secure messaging service and platform that delivers industry-leading security and message delivery capabilities, including global availability of cloud-based services, device-to-device encryption, location-based features, and administrative controls.