The recent cyber-attacks on MGM Resorts in Las Vegas causing major issues to their day-to-day operations is just the most recent example of the challenges faced by organizations in the evolving fight against cyber criminals. As the dust settles, it’s essential for business owners to understand the implications of these attacks and learn from them.
To help prevent your own cyber event, here are seven key takeaways from the MGM Resorts cyber breach:
- No Business is Immune – Regardless of industry or size, every business is a potential target. The hackers targeted a range of sectors, from hospitality to manufacturing, retail, and technology. This underscores the importance of always being vigilant and proactive in cybersecurity measures.
- The Human Element Remains a Weak Link – The hackers impersonated employees and convinced IT helpdesks to provide duplicate access. This highlights the need for continuous employee training and awareness programs. Employees should be educated on the latest cyber threats and trained to recognize suspicious activities.
- Multi-Factor Authentication is Essential – San Francisco-based Okta, which provides cyber security services to companies like MGM Resorts, emphasized the importance of multi-factor authentication in a recent interview. This extra layer of security ensures that even if a hacker obtains a password, they can’t access the system without a second form of verification.
- Collaboration is Key – The fact that Scattered Spider and ALPHV worked together is a reminder that cybercriminals collaborate and share resources. Businesses should do the same. Collaborating on security strategies with your insurance agent or risk advisor can help your organization remain ahead of the curve when it comes to cybersecurity best practices.
- Have a Crisis Communication Plan – Developing a crisis communication plan for a cyber event is critical to managing the narrative, reassuring stakeholders, and mitigating potential reputational damage.
- Regularly Review and Update Security Protocols – The cyber landscape is continually evolving. What worked a year ago might not be effective today. Regularly reviewing and updating your organization’s IT infrastructure can ensure that your business is protected against the latest threats.
- Be Prepared for Financial Implications – Cyber-attacks can have significant financial implications, from the immediate costs of dealing with the breach to long-term reputational damage. Businesses should consider cyber insurance and have a financial plan in place for such eventualities.
A great educational resource to help you understand the financial implications of a cyber breach is the at bay, Data Breach Calculator.
In conclusion, the MGM cyber-attacks serve as a stark reminder of the ever-present cyber threats facing businesses today. By understanding the lessons from these attacks, you can better prepare and protect your company in an increasingly digital world.
