Information security experts highlight emerging threats during Davis College of Business Cybersecurity Trends panel
In the last 30 days, Jacksonville University blocked nearly 43,000 password attacks,
in which attackers attempted to access password-protected accounts. In July, multiple
attackers, primarily from China and Korea, unsuccessfully tried to log in more than
275,000 times over seven hours.
As a result of emerging cyber threats, a group of information technology security
professionals recently gathered at the Davis College of Business and Technology for
a panel discussion, presented by the Department of Homeland Security and Florida Blue,
to discuss the latest trends and best practices in cybersecurity with local companies
and organizations.
The panelists included JEA Chief Information Officer Brad Krol; Guidewell Vice President
and Chief Information Security Officer Jason Raymond; Senior Cybersecurity Manager
Taryn Swietek; and Department of Homeland Security Supervisory Protective Security
Adviser Kirby Wedekind.
Moderated by Dr. Mini Zeng, Jacksonville University’s Center for Cybersecurity director
and associate professor of computing science in the Davis College, the panel opened
by discussing the most significant emerging threats organizations should be aware
of this year.
According to Brad Krol, some of the top threats are phishing, ransomware and vulnerability
management. “In regard to ransomware, it’s not a matter of ‘if’ but ‘when’ it will
happen. Being able to detect and respond to cyber events is critical,” he said, noting
that offline and out-of-region backups are essential.
Raymond agreed that organizations need to keep an eye on AI but stated that the greatest
threat is people. “If you think about the IBM breach report published in 2024, the
No. 1 factor for companies that fared better after being victimized was that they
were heavily invested in employee training.”
Wedekind shared that China remains the most active and persistent cyber threat to
U.S. government, private-sector and critical infrastructure networks. “Beijing’s cyber
espionage pursuits and its industry’s export of surveillance, information and communications
technologies increase the threat of aggressive cyber operations against the United
States and suppress the free flow of information in cyberspace,” he said.
The panel then moved to best practices for organizations facing recent IT disruptions.
Swietek emphasized the importance of redundancy. “Don’t rely on one tool to do everything,
and have that redundancy to protect your infrastructure should your primary systems
go down,” she said. “Run updates in a test environment before moving them to production.
If you don’t have a test environment, I’d suggest setting one up.”
“Cybersecurity is everyone’s responsibility,” Wedekind said. “Providing interesting
and compelling stories that demystify how IT works, and the cybersecurity measures
required to protect it can help people understand why it’s so important to use complex
passwords and a password locker, update operating systems, implement multifactor authentication
wherever possible, and know how to identify and report phishing.”
Ultimately, the panel’s insights offered a valuable glimpse into the complex nature
of cybersecurity and raised awareness of how organizations might begin to address
these threats and challenges in the year ahead.
link