In 2012, an administrative staffer in South Carolina’s Department of Revenue clicked on a link in what turned out to be a malicious email. With that one click, international hackers were able to infiltrate the state’s computers and get access to 3.8 million Social Security numbers and nearly 387,000 credit and debit card numbers.
To cover the cost of that huge breach, South Carolina had to take out a $20 million loan. That was just one of the cyber horror stories offered by Erik Avakian, chief information security officer for the Commonwealth of Pennsylvania, at the 2015 Cybersecurity Summit hosted by Lehigh’s Business Information Systems (BIS) Club at the Rauch Business Center.
The summit was presented by the Greater Lehigh Valley Chapter of the Association of Information Technology Professionals. Avakian and a panel of information security experts tried to impress the enormity of the problem upon the students, faculty and others attending. Avakian talked about cyber attacks on Sony, Target, the IRS and the emerging threat of hacker assaults that will target power grids and other critical infrastructure.
"The bad guys are constantly at it, 24-7," Avakian said. "JP Morgan is a company that has 2,000 people dedicated to cyber security. They have spent $250 million dedicated to cyber security. They did everything right, and they still got hacked."
To guard against attacks and to limit damage when they happen, Avakian advised frequent training of employees in cyber security best practices and testing them to make sure they’re effective. Computer users need to employ different passwords and companies can use encryption and take a layered approach to data "so there are different controls at all levels," he said. It’s also important that vendors who deal with companies practice good cyber security, he said.
Because of the acceleration of cyber attacks in recent years, the job outlook for those in the information security field is exploding.
"This is such a great field to be in because there’s so much opportunity," Avakian said. "If you like to multi-task, this is the job for you."
Story by Margie Peterson