The smallest businesses often assume there is no reason cyber criminals would attack their computer systems, but according to Darin Andersen, they’re at the highest risk.
Andersen is the chief operating officer of the local anti-virus maker ESET, but he’s also a leader of the Securing our eCity program, an organization dedicated to making San Diego as safe from cyber attacks as possible. A major component of the program is educating small businesses on what they can do to prevent becoming victims of hackers.
Since heads of small companies often feel as though they have nothing to offer cyber criminals the way a financial firm or military contractor might, they don’t always have the strongest defenses up. In fact, Andersen explained, there is plenty of information, such as employees’ Social Security numbers, that small companies keep on their networks, and their lack of defense makes them easy prey.
“We’re creating awareness among small businesses that they need to be cautious and undertake good security practices, whether that’s good technology or training for employees,” Andersen said. “Small businesses provide very fruitful hunting grounds for these bad guys.”
Securing our eCity works on several levels. The group gives seminars free of charge to offices, teaching employees skills on avoiding viruses, from not clicking certain links, to being cautious on social networking sites. The group also has members who lobby the government to make stronger Web safety laws, and law enforcement to help stop threats.
While ESET has a financial interest in companies taking a harder look at their firewalls, Andersen said the Securing our eCity program is more than an attempt to sell software. The program is a partnership between ESET, the San Diego Regional Chamber of Commerce, government, law enforcement and the military.
A former chief executive of ESET started the program after realizing that no matter how strong his company’s software was made to protect computers, systems were still vulnerable to attack through viruses attached to links and attachments, Andersen said.
“No one was training people on what they should and should not click on,” he said. “The criminals and the organized crime that’s on the Web are preying on the behavioral side of cyber security, getting people to unknowingly click on things they shouldn’t.”
The company started conducting free workshops for businesses, teaching employees how to recognize the signs of a virus, even in e-mails and messages from people they knew.
The program got the attention of the Department of Homeland Security and even the White House, which encouraged ESET to expand the program. ESET called together stakeholders, such as business groups and local government, and the group decided to work together to make San Diego a “beacon” of cyber security, the most secure city in the country.
Andersen said the city has a lot of advantages in creating a program like Securing our eCity, and that it could be a boon for the region.
“This portends a great opportunity for a community like San Diego that can take advantage of its unique assets of high-tech infrastructure, world class universities, its high Navy presence … the proximity to Mexico, the fact that we’re a port,” Andersen said. “All these things make San Diego uniquely positioned, and that means new jobs in a difficult economy.”
Securing our eCity has about 250 members, or stakeholders. The group is talking about expanding to other cities with similar needs, such as Washington, D.C., and San Antonio, Texas.
Andersen said cyber terrorism has become a growing problem over the last decade, with gangs operating from countries that turn a blind eye to state-sponsored hacking, such as China. Iran was recently hit with an extremely sophisticated worm called StuxNet that some people theorize came from the defense departments of China, Israel or maybe even the United States.
While companies in the financial, health and defense industries are generally the biggest targets for hacking; those kinds of companies also have the highest security. Hackers target smaller companies because they are easier to break into.
Andersen said a company is only as safe as its most technologically ignorant employees allow it to be.
“Most of us have to go to work for a living, so there’s growing awareness just in the home and business sector,” he said. “It starts with awareness and good judgment. You shouldn’t click on things that it doesn’t feel like you should click on.”
610 West Ash Street
San Diego, CA 92101
Oct. 14, 2014 -- Executive Editor George Chamberlin discusses cybersecurity with Andrew Lee, CEO of ESET, and retired Rear Adm. Kenneth Slaght, vice president of naval IT solutions for General Dynamics.
Feb. 18, 2010 -- Executive Editor George Chamberlin speaks with Darin Andersen, COO of ESET, following a roundtable discussion on cyber security.