Published October 20, 2023 – William Prohn was among the cybersecurity industry leaders invited by Buffalo Business First to discuss ways organizations can keep their systems well-protected and mitigate risk.
A cyberattack on your company’s computer systems should be anticipated, that it will happen, not if.
Yet there seems to be only some mild concern out there and not much action in protecting company data and information from the bad guys who are eying it.
That was the warning of cybersecurity experts recently empaneled by Buffalo Business First Publisher John Tebeau to discuss critical issues around keeping company data and information out of the hands of scammers.
- William M. Prohn, Managing Director, Dopkins & Company, LLP
- Christine E. Wiktor, Area Vice President – Gallagher
- Stefan Dorn, Cyber Hacking Officer -Optimize Cyber, An Accessium Partner
Over the past decades there has been progress in awareness of cybersecurity and tactical approaches to protecting data and information, Prohn said. Most everyone is familiar with strong passwords and multi-factor authentication.
“It is useful that people are attuned to it and aware of it and doing some things, little things to combat cyber threats,” he said. “I still do not see many strategic approaches. In most organizations it is not being addressed at a corporate level or from a business strategy perspective. It is being addressed in ad hoc ways without any concept as to where the big risks are.”
What are the risks?
Leaders should be focusing on cybersecurity priorities, identifying partners, how much to spend and where investments should be made, Prohn said.
Dorn agreed. There is an absence of strategy, which is dangerous considering the very real threats to business data and sensitive information.
“You need to have a measured plan to deal with these complex issues,” Dorn said.
In addition to ransomware and destructive malware, some of the biggest threats these days include social engineering, a category of attacks which typically use urgent email messages to trick an employee into revealing sensitive information or clicking on a malicious link or file.
For more information, contact William Prohn at email@example.com.
Read Bill’s companion article: The Secret to Good Cybersecurity