“Walk with caution in dealing with technology,” said Ben Cameron of the Brunswick-based Harbor Digital, a company that works in IT management. “I look forward to the day where I can go back to a flip phone, honestly.”

Today’s technology has put more at our fingertips than generations before us could have ever dreamed — think artificial intelligence, virtually unlimited access to information and the ability to order food to your door with just the touch of a button. But with it has come a deluge of risks to sensitive information, and Cameron cautions that bad actors are going after whatever they can get.

“I believe that we may, this far north, sometimes live in a world of denial that ‘that’s not going to happen to me,'” he said. “The reality is it can happen to anybody. They may not be targeting you, but it just takes one bad click and one thumb drive.”

In just the first two weeks of 2025, the Office of the Maine Attorney General has posted to its website nearly 30 data breach notifications that could effect Mainers. While many of the companies listed are not Maine-based, some cases note that thousands of Mainers are impacted.

Here in the Midcoast, Cameron is doing what he can to help keep his community aware of the dangers, including hosting a free forum, Navigating the Digital Ocean of Cybersecurity Threats, at Brunswick Landing next Tuesday.

“Cybersecurity has been hitting hard with us in the last three years; we want to make sure our customers are covered,” he said. “I wanted to give some more training.”

He founded his company, Harbor Digital (which had a couple of name iterations until 2011), in 2001 after he said his father’s business was being taken advantage of.

“I’d always come home and fix everything that the company he was having work for him said they fixed but didn’t fix. And that’s when we said there was a niche here to really be proactive about how we do things, as well as make sure you have a level of integrity that you’re keeping with all of your clients,” he said. “That’s sort of the golden rule we’ve stood by.”

Now, the business mainly helps clients within a two-hour radius of Brunswick — though Cameron notes that there are a few clients scattered across the country as well. Many of these businesses — ranging from dental and small medical offices to manufacturers — deal with sensitive information.

The goal, he said, is to bring information of what’s happening in the cybersecurity field home to his local community.

“We’re not ones trying to hold all the cards close to the chest, I’m about educating them — the population — of what you need to be looking out for,” he said. “Be aware of what to be scared of.”

A growing threat

For the uninitiated, data security and the risks associated with it can seem overwhelming and, at times, too complex to understand.

Cameron sums it up as managing assets that people may want to go after, such as computers and servers that handle sensitive information. For businesses, he said it’s important to ensure there are safeguards in place should an attack happen to ensure entities can continue functioning with minimal losses.

Take the impact of the City of Baltimore ransomware attack in 2019. In May, vital files were encrypted for weeks as the attackers demanded hefty Bitcoin payments to regain access to them. The attack hindered real estate transactions and, overall, cost the city millions in lost and delayed revenue as well as the cost to restore systems, according to The Baltimore Sun.

More recently, a New England neighbor to the south was also victim in a data breach. The State of Rhode Island was notified in early December that hackers targeted the RIBridges data system — a program that health care entities such as Medicaid and the Supplemental Nutrition Assistance Program relied on, according to the Associated Press. The state recently announced that it is in the process of sending official letters to residents impacted by the attack.

Cameron pointed to proactive planning against attacks as a way to avoid disruptions or limit the spread of impact — it’s not just about educating people not to click suspicious links or knowing when to recognize phishing emails.

“We have to handle it from the aspect that they’re always going to click the link,” he said. “So, what stops have you put in place in the backside so that whatever (hackers have) done doesn’t hurt the data, doesn’t spread to the rest? What alerts are you getting that this is going on, as well as how fast can you mitigate it and then remediate it?”

As for what happens with the leaked or stolen data, those who can use it turn to the dark web — a “whole underworld of your information being bought and sold,” Cameron said.

This is why companies like Harbor Digital use tools to help clients monitor what personal information appears in this corner of the internet. If it has, he said the company has a playbook on how to make exposed information useless.

3 tips to consider

Ahead of next week’s information session, Cameron offered some insight on ways to safeguard information. In this day and age, he said it unfortunately boils down to making your information harder to get than the next person’s while keeping safe practices in mind.

“It doesn’t matter how small of a business you are or how big of a business you are — you’re still a target,” he said. “… We have to do the best we can on a day-to-day basis.”

Beef up entry points to data

“Multiform authentication has been a pain in everybody’s side. Nobody wants to go enter their user and password and then have to go look at their phone or device for a code,” Cameron said. “It’s necessary, though. It’s come to that point.”

He said that while biometric barriers for logins — such as using a face or fingerprint scan to access accounts — can be great, anything can ultimately be hacked.

Make passwords hard to get

It’s an old line that IT managers in companies across the country have touted: use complex passwords. Cameron also said that if you haven’t changed a password in 90 days, do so now.

But as passwords get harder to manage, he also cautioned against using unsafe methods of remembering them. Don’t use Chrome or Edge to remember a password, he said, as data can be scraped and pulled from browsers. Instead, he said to use a management tool that’s encrypted. One example he named was Bitwarden, an open-source password manager that has various pricing plans, including a free version for personal use.

Think twice on using shared plugin devices

Cameron referenced a client from a decade ago who was working overseas and used a thumb drive at a copier machine. After returning to the states, he said this client’s machines were “blipped” (or experienced a security breach) after using the same drive.

He warned that things have gotten a lot more sophisticated since then but to still be careful when passing around these types of data storage devices. The key is to “think twice” about inserting them into a computer, he said.

“Make sure you got antivirus protection software on it, make sure you got something that at least scans the media before it tries to process it,” he said.

Cameron said he will delve into more at next week’s session. There will also be a chance to sign up for sessions with Harbor Digital and chat about safety concerns.

“If you have a question about your security, come sit down and come do it,” Cameron said.

The event is from 11:30 a.m. to 12:30 p.m. Tuesday, Jan. 21, in the TechPlace Classroom at 74 Orion St. The event is free but limited to 45 people. Anyone interested in attending can email Jaimie Logan at jaimiel@mrra.us or call 607-4195.