GROWING THREAT: Businesses and individuals must make cybersecurity a priority as web-based attacks increase in severity and scope.

• Position: DIGITAL PRIVACY AND CYBERSECURITY ROUND TABLE

THERE'S NO DENYING THAT CYBERCRIME IS ON THE RISE. In May, sensitive information about 143 million Americans was taken from Atlanta-based Equifax Inc., and investigations into Russian hacking affecting last year's presidential election are underway. Even small businesses and individuals are targets. Business North Carolina magazine recently assembled a panel of cybersecurity experts to help define the threats and offer defenses.

Brooks Raiford, president and CEO of Raleigh-based North Carolina Technology Association, moderated the discussion, which was hosted at the Raleigh office of the Brooks Pierce law firm. Brooks Pierce, Charlotte-based Dixon Hughes Goodman LLP and Montreat College provided support. The transcript was edited for brevity and clarity.

HOW DO BUSINESSES AND INDIVIDUALS VIEW CYBERSECUR1TY? HOW ARE THEY BEING ATTACKED?

QUICK I represent small to midsized businesses. Many wonder what they can do when large companies with seemingly endless resources, such as [Minneapolis-based] Target Corp. or Equifax, are breached. They wonder if they should do anything, which is even scarier. We suggest solutions to those who ask, but there are probably just as many not asking.

NYE The businesses targeted continue to evolve in which virtually all sectors are a target. Now, new and emerging techniques are being used on the back end. Many attacks originate from phishing campaigns, which use an email to target an individual. The subject hopes the recipient of the email will trust the validity of the email and click on a link or an attachment that contains malware. The FBI investigates insider threats, business email compromises and email account takeovers. We're seeing a rise in real-estate fraud, where cybercriminals manipulate homeowners during closing, providing the buyer with new wiring instructions that reroute money.

KOTYNSKI Criminals are learning company processes such as vendor payment. They inject themselves in the middle, where they have access to financial information or money. We're a public entity so many of our processes are accessible to the public. That makes us a bigger target.

DILLARD Many small to midsized companies are leaving them-selves wide open for an attack by having nonexistent or minimal cybersecurity infrastructure. That also leaves little usable forensic data after a breach. The coverage gap is mosdy due to a lack of awareness of the risks. Some don't believe they are a target. That changes after a breach, especially when they face a huge bill to clean up the mess.

THOMPSON Many top executives believe the answer is simply hiring a corporate information officer. But there needs to be more behind the scenes than up-to-date technology. They need tools to communicate with their technology team and whoever comes to help after a breach.

SAINE State government is the largest repository of residents' data in North Carolina. It's our job to protect residents. Our challenge is improving...