More than 50 people recently attended a seminar on cyberattacks this week at the Factory in Bethlehem, where experts in law enforcement, information technology and crisis management shared advice.
(TNS) — Joe Montesano learned that, these days, reality often bytes.
An innocuous email received three years ago by an employee at Montesano’s company turned into a ransomware attack
“For three days, I didn’t have access [to computer systems],” said Montesano, operations manager at Hanover Township, Lehigh County, Pa., packaging company Lindenmeyr Munroe. He said the ransom wasn’t huge, a little less than $220.
“It was just the frustration of it happening and knowing that certain files were no longer available to us," he said.
Montesano was among 50 people at a seminar on attacks in cyberspace Thursday at the Factory in south Bethlehem, Pa. The event featured experts in law enforcement, the law, information technology and crisis management.
“We produced this event today, not to scare you but to inform you,” said Scott Gingold, president of Lehigh Valley Technology Co., which organized the forum.
The FBI’s James F. Carty, who led off presenters, spoke several times about businesses maximizing their “security posture”: using the latest software and taking other steps to minimize exposure.
Carty, chief security officer for internal operations of the Philadelphia FBI, which includes the Lehigh Valley, also covered the latest threats in ransomware, compromised email and a computer attack known as “watering hole.”
He also showed the audience a free service from the U.S. Commerce Department’s National Institute of Standards and Technology, an online “framework” with standards, guidelines and best practices to manage cybersecurity-related risk.
“I think it’s important to recognize that your risk to all those different threats is commensurate with your security posture,” Carty said before the event. “If you’re paying attention to what you’re doing ... your security posture will be higher, with less risk.”
Montesano said while his company took steps after the attack, he came away from the forum with a greater understanding of policies and procedures for training employees to spot and report malware or other malicious, hacker-generated bugs.
He also left the event recognizing there’s likely more that needs to be done.
“And it’s changing dramatically,” he said of the cyber landscape.
©2019 The Morning Call (Allentown, Pa.). Distributed by Tribune Content Agency, LLC.