This week on ArtEvolve, Federico Feliziani, Chief Technology Officer of Articheck, and Mackenzie Garrity, CCO of Articheck, talked about cybersecurity and why this sometimes overlooked topic is of vital importance to art organizations.
Art world cybersecurity concerns
- Theft of artworks
- Reputation damage
- Monetary loss
- Loss of control
Top 10 cybersecurity terms
Threat – something with the potential to harm a system
Harm – damage to a system or organization, e.g. loss of productivity or monetary loss
Risk – probability of the threat becoming a viable harm
Countermeasure – action taken to prevent or mitigate a threat
OWASP Top 10 – industry standards for cybersecurity (click here to see the latest OWASP list)
Authentication – verifies the identity of a user or service (who are you?)
Authorization – determines a user’s access rights (what do you want?)
Encryption – translating data from plaintext (unencrypted) to ciphertext (encrypted). Authorized users can decrypt and read data with a key
2FA/Two-Factor Authentication – strengthens security by requiring two methods to verify identity
Cloud – access to computer systems via the internet, often distributed across multiple locations
5 cybersecurity actions to take right now
Send sensitive data securely
Sensitive data, such as the location and value of artworks, should never be accessible outside of authorized parties and yet email is one of the most easily hacked forms of communication. Emails can also be forwarded on to unknown recipients and content or attachments, such as PDFs, easily altered. Look for cloud-based services, which only grant access to data after authentication and authorization via 2FA, to share data with others securely.
Use 2FA – two-factor authentication
Easily memorizable passwords are unsecure and easily hacked. Reusing the same password across multiple accounts also comprises all those accounts, should one be hacked. Switching on 2FA is an easy way to greatly increase the security of your accounts and protect your data.
Keep software updated
Hackers are always working on new ways to attack vulnerabilities in systems and so developers must continually work on improvements to defenses. Staying up to date with software updates is the only way to make use of their latest bug fixes and security upgrades.
Use hardware best practices
Don’t forget about your local devices too! Be sure to use passwords, screen timeouts, and make regular backups. Old devices you’re no longer using can also contain sensitive information – log out of accounts and reset settings if you’re no longer using old phones, iPads, and tablets.
Encourage Employee Education
Employees are often the first to interact with threats and so are your organization’s first line of defense – if they know what to look for and what actions to take, that is. Empower staff to take action by offering training and creating a clear security policy. Hint: download the presentation above and use it as a reference!
Thank you for joining this Cybersecurity Masterclass, part of the ArtEvolve webinar series!