During a session on cybersecurity at WasteExpo, which was May 9-12 in Las Vegas, panelists representing information technology (IT), electronics recyclers, insurance and cybersecurity echoed each other’s notion that the pandemic threw many departments for a loop in terms of maintaining a high level of data security.
Mike Coogan, director of cybersecurity for Houston-headquartered WM, reflected back to two years ago when suddenly, large portions of the workforce were being sent home to do their jobs.
“The pandemic made people rethink how employees interact with data,” he said. Businesses like WM were tasked with figuring out how to deploy their security assets from home. Frank Wilk, vice president and chief information officer at Casella Waste Systems, Rutland, Vermont, also shared that the pandemic provided the company with an opportunity to really look into its cybersecurity strategies. Plus, there was the issue of cross-contamination: using personal devices for work and vice versa.
Billy Bob Brown, assistant director for emergency communications at the Cybersecurity and Infrastructure Security Agency (CISA), Washington, and panel moderator, said the goals of cybersecurity can be broken into two aspects: defend today and secure tomorrow.
Everyone should be enabled to have their information secured, Brown said. This can be achieved by doing a general risk assessment of the potential threats your company faces when it comes to securing data and information. Companies should be asking themselves what they need to be worrying about. Defending a company's data and information comes in the systems and programs a company has set up to tackle breaches and threats.
Coogan explained that it's important to strategize defenses. “Block and tackle the problem and move forward, don’t burn yourself out trying to analyze the attacks,” he said. And, when a breach occurs, it doesn’t mean a company needs to totally restructure its system. “Understand the scope of the issue and move forward,” he said.
Securing company data for the future comes in many forms, not just the way a company plans to attack and manage breaches. The panelists all agreed that hardware hacking is a very serious issue that is happening because of neglect of data security or blatant theft. John Segerian, chairman and CEO of ERI, Fresno, California, shared insights into the destruction of data as an important means of cybersecurity.
“Efficient data destruction is needed to protect your home, your assets and your people,” he said.
There is a huge market for purchasing old electronics. Brown shared that up to 50 percent of bidders on containers have some interest in homeland security.
In securing your data for tomorrow, insurance options can support your business. Kathleen Curley, national account director at the cyber practice of New York-based Risk Strategies, said cyber insurance has hardened over the last two years.
“Limits are restricted and there are policy guardrails,” she said. “It can become difficult to procure insurance but the policies have value so they are important to have.”