Writer: Eleana Teran
2 min read November 2022 — It’s a widely known fact that nothing is certain except death and taxes. However, sometimes it seems like another unavoidable fate might be cybersecurity attacks, especially as data breaches, identity fraud and other threats become more prevalent, making organizations of all sizes vulnerable regardless of their size, vertical or industry.
While there is no perfect strategy against cyberattacks, to stay safe, companies should scrutinize data to identify trends, invest in quality technologies and educate clients and employees.
In an interview with Invest:, Adam Elliott, founder and president of Kevari (formerly ID Insight), discussed some of the major issues companies face when it comes to cyberattacks. “(It) is definitely becoming more organized and fast-moving, which means institutions have to have better defenses against it, like the ones we provide.”
According to a report by Mimecast, three out of four companies received an increased number of email-based threats during 2021. Additionally, 75% of companies were hurt by a ransomware attack, a 14 percentage point increase from 2020. Of the businesses affected, 64% paid a ransom but nearly four out of 10 failed to recover their data.
Trellix Advanced Threat Research Report states that all industries are at risk of all forms of cyberattacks, but when it comes to ransomware, most attacks are targeted toward banking and financial services, accounting for 22% of detected attacks. The utilities and retail sectors are next with 20% and 16% of incidents, respectively. Education, government and industrial services are also subject to these threats.
Elliot points out the increased fraudulent activity is also more sophisticated, making it harder to detect.
“We’re seeing more fraud rings using automated bots. For example, a bank that might normally have 20,000 online account applications a month will start seeing 500,000 applications a month,” shared Elliot. “First, it appears like the bank is doing really well, maybe because of a marketing promotion or something. But then you start sifting through the data and you see that this increase was primarily due to bot activity. Fraudsters are using machines with legitimate identity credentials to try and open thousands of accounts with the express purpose of committing fraud.”
A false sense of security is one of the biggest mistakes small and medium companies can make. According to Elliot, “fraudsters are always going to be looking for the next hit that they can make. If a bank believes that they are protected because they aren’t a target right now, it actually makes them the easiest target to go after. This is only becoming truer as technology progresses. With the rise of mobile banking, a lot of these community banks are going to be left vulnerable to attacks from online fraud rings.”
To keep clients safe, leaders across all industries are finding ways to mitigate the risks. “We try to educate our clients and set up fraud identification tools. We get to know our clients and if we see an anomaly or red flag, we can contact them and verify transactions,” Melissa Johnston, chief credit officer and co-founder of EntreBank told Invest:. “The ways that criminals are getting information are far more creative than in the past. We partner with CSI, a banking provider platform that has a managed IT service, and they help us with fraud identification and other cybersecurity facets.”
The Data Breach Investigations Report developed by Verizon recognizes human error and how people sometimes do unsafe things to get around a security control that is designed to protect them from exposure. Since some controls make it harder for people to get their jobs done or access their accounts, it is important to pair them with educational initiatives to let users understand the reason behind them.
In that regard, Joseph Mulford, president of Pine Technical & Community College, told Invest:, how the mindset around cybersecurity has changed from being compartmentalized in the IT division into something that must occur across all areas of an organization.
“I think what people have learned over the last decade is that cybersecurity will be a foundational skill for every job because it has become so pervasive that anyone can get hacked. It is not only big companies; small employers are also vulnerable to this threat as it can occur in many scenarios. For example, if I send a file, it could potentially get hacked. As a result, all our technicians are having to learn about cybersecurity and how to stay safe in order to prevent threats,”Mulford said.
For more information, visit:
