Share this article on:
With hackers and cyber criminals becoming ever more ingenious, businesses must be hyper-vigilant on multiple fronts. Brendan Maree from 8x8 explains.
Was your organisation hacked or did it have its data compromised sometime in the last year or two? If you answered in the negative, you’re one of the lucky ones. Hackers and cyber criminals have had a veritable field day since the onset of the COVID pandemic; capitalising on the fear and uncertainty generated by the crisis to launch scams and phishing campaigns galore.
A roll call of household name organisations experienced data breaches in 2021 – from Carnival Cruises to real estate giant Ray White and UnitingCare – along with a string of smaller players whose cyber struggles were not dramatic enough to make the headlines.
Fighting formidable adversaries
Because of the deep well of customer and corporate information to which they can provide access, contact centres and communication platforms are attractive targets for bad actors.
When they’re not employing AI to sniff out network vulnerabilities, these unscrupulous individuals are using advanced psychological techniques to exploit human weaknesses, via sophisticated phishing campaigns.
And they’re doing pretty well at it, too. A whopping 85 per cent of data breaches last year involved a human element, according to the Verizon 2021 Data Breach Investigations Report.
Against this backdrop, it behoves security teams to step up their already considerable efforts to safeguard solutions and data from compromise or attack – and business leaders to back them to the hilt in this endeavour.
Here are some of the ways you can protect your organisation’s critical communications infrastructure more effectively.
Get serious about cloud security
If, in common with scores of other businesses of all stripes and sizes, you’re looking to migrate your contact centre operations to the cloud, it pays to take a close interest in the vendors you’re thinking of entrusting with your data. Smart operators are the ones asking the tough questions – about what security controls are in place, how uptime is maintained, what back-up windows consist of, and whether redundant data centres are in place to aid data recovery efforts. Become one of them and bake security into your communication solutions via a zero-trust strategy too, and you’ll have made your contact centre a much harder target.
Educate your agents
If there’s one thing all organisations need to know about phishing, it’s this: phishing works. Scarily well, in many cases. More than a third of untrained users will fail a phishing test, according to KnowBe4’s 2021 Industry Benchmarking Report.
Opening and responding to emails is part of the job description for contact centre agents. The best way to prevent yours from being tricked into revealing corporate information, or providing network access, is to educate them. Quarterly training will ensure the security information you impart remains top of mind for everyone on the team. Augment it with simulated phishing security tests, to determine who hasn’t paid attention or needs more sessions, and you may well save your organisation from an expensive and disruptive click-induced cyber incident.
Harness the power of AI and crowd-sourced intelligence
Potential intrusions come in many guises, and in today’s times, these are coming ever more frequently. It’s all but impossible for sparsely resourced small and mid-sized organisations to see them off, unless they harness the power of technology to do so. Seeking out an on-premises or SaaS security solution that uses AI and machine learning to detect anomalous behaviour and block potential intrusions is fast becoming Cyber Security 101. Fail to do so and you’re making your contact centre the sort of soft target unscrupulous operators love to home in on. And if you’re not already a participant, joining a threat intelligence sharing program is a great way to increase your knowledge of the latest prevention and remediation techniques.
Keep an eye on your APIs
They’re the connectors that allow you to capitalise on the power of data by linking disparate applications and communication channels together and, if you’re not careful, the APIs you use in your contact centre can also be a prime avenue for phishing activities. Before you deploy these to manage status alerts, user authentication and the like, have your security team or expert advisers evaluate their code and ensure they’re configured correctly.
Protect and prosper
In today’s times, cyber compromise or attack is one of the greatest risks faced by businesses. That’s why taking steps to ensure your contact centre is as far from the firing line as possible has never been more important.
Brendan Maree, vice president APAC at 8x8.