Theresa Murray is the executive director of the R.I. Emergency Management Agency, the state agency that coordinates mitigation, preparedness, response and recovery efforts.
Prior to joining RIEMA in January, Murray served as regional catastrophic planner for the Boston, Mass. Office of Emergency Management and prior to that as RIEMA’s regional planning coordinator.
In preparation of October as National Cybersecurity Awareness Month, the Salve Regina alumnus talked to Providence Business News about cybersecurity awareness and the biggest digital threats that face businesses and consumers.
PBN: October is National Cybersecurity Awareness Month. What is the most likely cybersecurity threat that could impact local businesses?
MURRAY: The two biggest potential threats are the loss of access to their network (due to malicious actors) and the lack of proper recovery plans. Businesses need to properly secure data and protect personal identification information of clients and staff.
PBN: What are the most common cybersecurity risks that consumers face?
MURRAY: Every day, people are confronted with fraud scams, identity theft, and unknown malware that can quickly take complete control of a computer. Compromised computers are then used to conduct fraudulent activity against private citizens or the government.
PBN: What is the easiest way to prevent cybersecurity issues?
MURRAY: Everyone needs to familiarize themselves, and their staff, with basic cybersecurity prevention techniques and with common scams that are promoted through the internet or other technology.
Keep software, patches, and virus protection software up to date. We spend a significant amount of money on physical security, but we allow the cyber thief to walk directly in the door.
PBN: Why is cybersecurity awareness especially important to the business world?
MURRAY: If the business sector were to lose access to the internet, the lack of communications and data transfer resources could cause devastating economic impact. Cybersecurity and the protection of its infrastructure is a global issue. A single target can be infiltrated from anywhere in the world with the push of a button. In one year, worldwide losses from cybercrime (including malware attacks and phishing) totaled $110 billion. Smaller, locally-owned businesses must realize that a single cyber incident could cause significant financial loss or failure in the first 24 hours after the incident occurs.
PBN: What cybersecurity tips do you have for business owners who aren't the most tech savvy?
Learn about cybersecurity basics.
Update patches and virus protection on a regular basis.
Incorporate cybersecurity maintenance and architecture into business recovery plans.
Back up data to an off-site location or to a cloud-based system.
Do not be afraid to say no to employees’ requests for additional security privileges or BYOD (bring your own device to work) until they have proper cybersecurity measures in place to accommodate the devices.
If a third party manages the company’s network, have a basic understanding of the network and hold the master keys and passwords.
Establish ongoing cyber awareness training for all staff.
Properly dispose and delete any files that are no longer used or are outdated.