Yesterday West Loop Ventures hosted a hacking event in Chicago. One of our missions is to educate the community on issues affecting fin tech. We hope it helps the community, and that entrepreneurs get good ideas and go build a company to solve some of the problems we unearth.
We did this event in a far less formal style. It was a round table and we were lucky to have Joe Rickard of InCapital and Stelios Valavanis of oNShore Security there. Hacking is no stranger to anyone. Target was hacked via a vendor. One of the presidential campaigns in the election hacked. A recent hack called Wanna Cry is causing havoc. Today, Disney Company was hacked.
We didn’t tape the event. You had to be there! But, I can summarize a few things that came out of it.
First, hacking isn’t going to miraculously go away. Hackers are in it for the money. With computers, they can scale their hacks. Second, businesses are pressed for time. Hackers aren’t. Time is on their side. That’s a key thing to think about.
Stel and Joe come from security differently. Joe from a firm perspective. Stel from an enterprise perspective. That lead to some meaningful discussion. However, there was some commonality in the way they viewed security and some little things everyone can do to stop hacking.
- When you onboard/offboard employees, have a process in place. Teach them how to avoid hacking. Look at your organization as a “network” and empower the ends of the network to act. Most phishing and ransomwear comes into an organization via email or a vendor. Teach employees what to do with each and every email. Hillary Clinton’s campaign may never have been compromised if John Podesta didn’t open one email by mistake.
- Make sure your passwords are different for accounts that are related to anything dollar related.
- Make sure all of your firmware is up to date. If a printer is part of a network, make sure it’s up to date. Check all your servers and all the devices on the network.
- Firms can purchase all the hardware and software they want to stop hackers, but at its core stopping them is about training your people and having processes in place.
- Try and limit your companies hackable footprint.
- If there are old unused devices just laying around, get information off of them, store it on an unattached drive and destroy them. This goes for laptops, phones, printers, servers and anything else that was ever connected to the net.
- Set up a separate “guest” network in your building which employees can use for personal things. The company network should only be used for company stuff. Many companies now are seeing people carry two phones.
- When you travel you might have a burner phone or laptop that can be wiped before it enters the network.
Thanks to everyone who came and to FinTank and FinTex for supporting. We appreciate the Academy of Entrepreneurial Leadership at the University of Illinois for helping us find the space.