Sage Advice - Cybersecurity Blog

Cybersecurity: Evolving and Learning

cybercrime-symposium-recapTyler’s recent 12th Annual CyberCrime Symposium did not disappoint. The long-awaited in-person conference, held in Portsmouth, New Hampshire, brought together over 100 industry peers from across New England and the United States. As a result of the chaos and rise in cyberthreats caused by the pandemic, this year’s conference centered around the future of resilience.

Over the course of two days, attendees heard from eight industry-renowned speakers about a multitude of cybersecurity topics, including encryption in the cloud, vulnerabilities and how they can lead to major disruptions to critical infrastructure, the importance of cyber insurance, and what the future of cybercrime holds from a law enforcement perspective. An overarching message echoed throughout the conference venue by speakers and attendees alike.

“Cybercrime is here to
stay and will get worse,
so we must be prepared.”
- Rick Simonds, Tyler Cybersecurity VP

The topic of cybersecurity is seen in the news – and usually not in a good way – every day. We can no longer think in terms of ‘if’ a cyberattack occurs. The mindset now must be ‘when’ a cyberattack happens, as organizations of all sizes and sectors continue to get hit with clever cyberattacks that often go unnoticed until major, irreversible damage has been done. From phishing campaigns to third-party supply chain breaches, to exploiting vulnerabilities, stealing credentials, and more, threat actors will take any measure they can to access valuable data and carry out crippling ransomware attacks.

Unfortunately, public sector organizations, like schools and counties, have been a prime target for cybercriminals. Oftentimes they do not have the budget to invest in dedicated security staff or cybersecurity tools and training. The shift to remote working and learning has opened a plethora of new opportunities for hackers.

According to the 2021 Annual Threat Assessment, “Transnational criminal organizations will continue to employ cyber tools to steal from the U.S. and foreign businesses and use complex financial schemed to launder illicit proceeds, undermining confidence in financial institutions.” Matt O’Neill, CyberCrime Symposium speaker and U.S. Secret Service Special Agent, confirmed that “Financially motivated attacks take the cake for the most common attacks in 2021. The two most used terms in [cybersecurity] forums are ‘bank account’ and ‘credit card,” he said.

In fact, experts predict that global cybercrime damage will be around $10.5 trillion by 2025, as compared to $6 trillion this year. The writing is on the wall, and for those less fortunate, it’s on their networks. It’s never been more important for organizations to invest in cybersecurity.

“A resilient cybersecurity program
starts with awareness, education,
and preparedness.”
Brendan Travis, CISM, CRISC
Tyler Cybersecurity Director of Business Development

The three pillars that make up a strong and resilient cybersecurity program include people, process, and technology. Without thoughtfully practicing and implementing each of these components into your organization, things are bound to slip through the cracks and incidents will occur.

First, an organization’s people can be your greatest asset or weakest link when it comes to keeping data safe. Employees need to have cybersecurity knowledge and awareness so they can act as stewards towards their organization. Start off with training them on how to spot a phishing attempt and creating strong passwords. IT and/or security staff should be attending thought leadership conferences – such as the CyberCrime Symposium – regularly, so that they can share information with their peers and gain relevant information needed to inform cybersecurity priorities. Cybersecurity education is one of the most important steps we can take to further secure data and keep bad actors out. Consider outsourcing training and education to take advantage of the knowledge of your peers.

Next, it’s essential to have processes in place, which includes frequent trainings. Create a schedule for cybersecurity education. Have policies and plana – like an information security policy, incident response plan, and business continuity plan -- documented and be sure to regularly distribute any relevant cybersecurity information or threats to employees. Always keep your processes top-of-mind so you can be prepared to switch them up or implement them at a moment’s notice.

Finally, technology needs to be incorporated into your cybersecurity program. Antivirus, antimalware, firewalls, and managed threat detection and response tools are just a few of the essential technologies you can use to get started with keeping valuable data safe. If you’re an IT leader, make sure your ongoing cybersecurity hygiene includes updating and patching hardware and software as soon as it’s needed, because without frequent updates, you will be vulnerable to risk.

Stay educated with us!

By equipping your organization with ongoing education and cyber defenses, you will be better prepared to adapt, ward off, and respond to the many cyberthreats that will undoubtedly impact so many organizations today, and in the future. Enhance your program by taking advantage of a few of our complimentary resources.

Interested in attending next year’s event? Email ccsym@tylertech.com to get on the invite list!

The Tyler Cybersecurity Lifecycle

Cybersecurity isn’t a destination.

Cybersecurity Lifecycle

There is no single, straight path that will get you to the point where you can say, “We did it! We’re 100% cyber-secure.”

A more realistic destination is cyber resiliency – the ability to prepare for and adapt to changing conditions, so you can withstand and recover rapidly from disruptions. Achieving cyber resilience depends on what we like to call the cybersecurity lifecycle – an ongoing cycle of interconnected elements that compliment and reinforce one another.

Learn More