Ask the Experts: Strengthen your defense against cyber threats
Cyber threats are evolving fast, and New Hampshire businesses are feeling the impact.
Ask the Experts: Strengthen your defense against cyber threats
Cyber threats are evolving fast, and New Hampshire businesses are feeling the impact. To help companies navigate this changing landscape, our panelist breaks down today’s most pressing risks, how AI is reshaping phishing scams, and the steps organizations can take to stay protected
Panelist: Shawn Huff, IT Operations Manager for A.I.M. Mutual Insurance Companies, aimmutual.com
Phishing scams remain the most common tactic, and unfortunately, they’re only becoming more sophisticated. These attacks can come as emails (phishing), texts (smishing) and voicemails (vishing). They can range from blanket, generic emails to very targeted efforts with high levels of personal social engineering. A successful phishing email can result in stolen login credentials, which may then lead to the exposure of sensitive data and even full network breaches. With the rise and accessibility of AI, attackers can now craft scams that are far more convincing.
AI tools are enhancing impersonation of writing styles, voices and even video, making it increasingly difficult to spot a fake. These tools are evolving rapidly, so the red flags we rely on today may not be reliable tomorrow.
How can we combat such complex impersonation tactics?
The best defense is verification. If something feels off in an email or voicemail, users must take a moment to confirm its authenticity using trusted contact information. If a colleague sends an unusual email, the recipient should call them using a known phone number. If a voicemail seems suspicious, reach out via the caller’s verified email address. A quick double-check can prevent a major issue.
How can organizations keep employees informed?
Consistent education is key. The more employees know about current threats, the better equipped they are to recognize and avoid them. We recommend regular training sessions, mandatory information sessions and timely emails that highlight emerging threats. It’s important to strike a balance — too little information leaves gaps, but too much can lead to fatigue.
New Hampshire ranks 40th in the country for cybercrime losses. Still, those costs in 2024 topped $52 million. How can businesses stay ahead of these threats?
Employees are the first line of defense. If an account is compromised, strong defenses can limit the damage. Tools like behavioral threat detection, role-based access controls and multifactor authentication are essential. While these measures may seem to slow things down, they’re worth the extra effort to protect your systems and your people.
Preparation is also crucial. Having up-to-date policies and guidelines, such as a Written Information Security Policy, an Incident Response Plan and a Business Continuity Plan helps in guiding employees about how to handle protected information and what to do in the case of an incident. Having a cybersecurity insurance policy can also greatly help to mitigate financial loss should an incident occur.
Your company is a regional workers’ compensation insurance carrier. How can cybersecurity affect the handling of workers’ compensation claims?
We have always recognized that cybersecurity plays a critical role in protecting the integrity of workers’ compensation claims. If sensitive employee data is exposed through a cyber breach, it can lead to delays, disputes or even fraudulent activity. A compromised system may also violate privacy laws, putting employers at legal risk. Ensuring strong cybersecurity measures helps maintain trust and safeguards both employee and employer interests.
What is the best way to stay as safe as possible?
As scary as all of this is, there is still hope. There are plenty of publicly available news sources that specifically cover the latest trends in cyberattacks. Websites such as cisa.gov and thehackernews.com both offer up-to-date news and trends. Advanced defense systems can be very effective in stopping malware and attackers if they get into the system, but keeping users informed is the real key. If people know what to look out for and what steps to take if they feel something is not right, then most attacks can be stopped before they even get started.
A.I.M. Mutual Insurance Companies is a workers’ compensation insurance carrier serving businesses in New Hampshire and throughout New England.
