26th June 2023
Protecting Data in the Banknote Security World
RANSOMWARE ATTACKS ON THE RISE
For most businesses, protecting the organization and its data is a daily and ongoing battle. The biggest cyber threat in 2023 is still ransomware and organized criminals are increasingly acting as illicit service providers running online marketplaces offering hacker tools and stolen personal information. As an integrated global supplier of banknotes for central banks, Crane Currency supplies products that rely on trust – maintaining that trust means deploying IT (Information Technology) security and proactive measures to keep ahead of cyber criminals is a priority.
“Despite the growing number of cyberattacks in this world, I am slightly positive and hopeful. Criminals are ramping up, but governments and enterprises are also gearing up with expertise and new AI (Artificial Intelligence) based automation tools. Going forward, we must also increase the security awareness outside of the traditional IT departments – and introduce security education as standard work,” says Garth Nel, Senior Director, Global IT at Crane Currency.
“Crane is a Security Company Selling Security Products”
Garth Nel is based in Alpharetta, Georgia, where he leads a global IT organization. He oversees all security aspects at Crane Currency, from traditional IT including end-user PC’s, applications, ERP systems and IT infrastructure to the physical data center security at Crane’s sites in the US, Sweden, and Malta.
He has always been fascinated by manufacturing and how things are made. At an early age, Garth enjoyed tinkering with machines and gadgets, taking them apart and putting them back together. He also developed a love for computers – and today, he manages to combine his two passions at Crane Currency.
“In my view, we are a security company selling security products and I like our tagline, ‘Secure by Design.’ Paper making, printing, and manufacturing of banknote security technology is a unique business with security at its core,” says Garth Nel.
Ransomware Threat Will Continue to Evolve
IT security is a huge area, and a growing problem affecting many organizations is ransomware attacks, a type of malicious software that encrypts the victim’s data and demands a ransom for its decryption. Ransomware attacks often exploit vulnerabilities in e-mail and web security and the attackers use a variety of techniques to evade detection.
Analysts predict that ransomware will continue to evolve and become even more sophisticated and dangerous. It is therefore essential for businesses to take proactive measures to prevent ransomware attacks and if need be recover from them.
Crane Currency has invested heavily in IT and today has a very robust set of infrastructure equipment and tools to prevent unauthorized access to its network, including traditional firewalls and network detection equipment. Multiple backups are used to prevent data loss, including off-line backups. Crane Currency is ISO 27001 certified.
Having the right software and technology tools in place is essential, but Crane Currency also focuses on associate training and regular updates and tips via its internal “Cyber Security Express Newsletter.”
Zero Trust Strategy Ensures Closed Doors
Crane Currency has implemented an internal “Zero Trust” strategy to take full control of access to company data and resources. The strategy assumes that individuals, devices, and services attempting to gain access cannot be trusted – even those inside the network.
“We do not prevent people from working or slow them down, but the doors are most often closed unless opened via established protocols. We do not allow unauthorized devices such as USBs or unknown software installation – and do not automatically give full admin rights to laptop users. Cyber criminals tend to use social engineering techniques to lure business users to click on e.g., an e-mail link, so the doors must be closed,” says Garth Nel.
Top Three Security Tips for Business Users
When meeting customers and other businesses, Garth often gets questions on how they can improve their own security. Here are his top three tips for other business users:
- Take care of your passwords! Use a password safe or vault – and make sure to use two-factor authentication.
- Make sure to back-up your data using a dedicated cloud service or an external drive.
- Pay attention to your e-mails and the sender’s e-mail address – and do not click on suspicious links, especially those that want an urgent answer from you! If something looks suspicious, then it probably is.