PEORIA MAGAZINE April 2022

quickly that it is difficult for consumers to anticipate consequences, especially when the marketing for devices and apps is so effective.” Beyond that, even if you, personally, do everything right, we’re all handcuffed to one another now. “When one vendor has a problem,” said Scuffham, it “cascades to other businesses or customers.” The federal government has begun to address that issue by passing laws requiring companies to put protections in place, and by sharing best pract ices and cyber threat intelligence. The consensus seems to be, though, that we have a long way to go. As Glen Gerstell, former general counsel at the National Security Agency (NSA), argued recently in a New York Times op-ed, “American businesses aren’t ready for a war in cyberspace” and “the weekly reports of ransomware attacks and data breaches make it clear that we’re losing this battle.” He maintains that America’s cyber defense system is too decentralized, go-it-alone attitudes in both public and private sectors continue to prevail, and bureaucratic inertia and partisan divisions prevent any meaningful progress on a major threat. Gerstell concludes by writing that “if we don’t want to have to worry about Russian hackers contaminating our drinking water every time we turn on the faucet, now is the time to rethink our approach.” Peoria’s private university is doing its best to protect itself. Bradley fol lows the National Institute of Standards Cyber Security Framework, which breaks down cybersecurity into five categories: Identify, Protect, Detect, Respond and Recover.

“Bradley University identifies its data, where it’s stored, who uses it, and why it’s needed. We identify what is on our network, who is responsible for it, and what it’s communicating with,” Scuffham said. “We identify who is targeting us and how they operate.” Even with the best protections in place, however, “malicious things will still make it through,” he said. Bradley “has detections in place and cybersecurity analysts who threat hunt,” or look for things out of the ordinary. “Time is of the essence, so a quick response helps to limit damage.” Meanwhi le, the universit y is preparing a new generation of young people to contend with these threats, on defense and offense. In 2017, BU opened its Center for Cybersecurity and began offering a cybersecurityminorandaconcentration within the management information systems major. The resulting growth in student enrollment – up 125 percent annually since 2018 — has prompted Bradley to invest in developing a multidisciplinary cybersecurity major, online next fall, with plans to pursue designation from the NSA. Among the most popular courses is Advanced Ethical Hacking, which has students performing a real-world security assessment for a local small business. They simulate how real attackers might compromise the organization, report their findings and make recommendations for correction. “From what I have seen, most people are either unaware or do not think they would be a target,” said Scuffham. “It is really about practicing good cyber hygiene.”

David Scuffham

Jacob Young

SO, HOW VULNERABLE ARE WE IN CENTRAL ILLINOIS? That depends, though “unfortunately, we are less secure than most would like to believe,” said Young. “Human beings are always the weakest link in any organization. Many still assume that maintaining organizational security is the sole responsibility of the IT department and fail to recognize how critical it is for all employees to maintain vigilance.” That starts with practicing “good cyber hygiene,” said Scuffham, who offered the following tips: • Understand the value of your data and take seriously the threats. • Keep your systems up to date. Replace software that is unsupported (stop using Windows XP and Windows 7, for example). • Use strong and complex – and therefore more secure – passwords, and don’t use the same one over and over. • Enable Multi-Factor Authentication (MFA) on websites that support it. • Think before you click. Be especially careful with emails and unfamiliar links. “Successful cybersecurity defense, for both individuals and organizations, truly starts with awareness. The better someone understands the threats, the better he or she will be able to evaluate the risks,” said Young. “That said, we can never mitigate every risk, therefore we need to learn how to prioritize our time and resources on risks with the highest likelihood and impact. “The challenge, of course, is keeping up with the ever-evolving threat landscape. Technology changes so

“SUCCESSFUL CYBERSECURITY DEFENSE, FOR BOTH INDIVIDUALS AND ORGANIZATIONS, TRULY STARTS WITH AWARENESS”

Jacob Young, Director of Bradley University’s Center for CyberSecurity

Mike Bailey is editor in chief of Peoria Magazine

APRIL 2022 PEORIA MAGAZINE 57