Published: January 30, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
The road to keeping a business safe from cybercrime is littered with those having good intentions but poor execution. This can result from lack of insight into what data a company needs to protect most, and how valuable that data is to those looking to exploit it. Different organizations need different approaches to data protection and it’s not a one size-fits-all scenario. Providing the right protection for the right data is vital and can help keep a business, well, in business.
Technology tools that you can’t see, like those behind protecting data, resource management, and financial transactions are often the exact tools that cybercriminals exploit. Verizon’s 2019 Data Breach Investigations report finds 43% of breach victims are small-to-medium-sized (SMBs) companies. IBM’s 2020 Cost of a Data Breach Report shows the average cost of a breach in 2020 was $3.86 million and took 280 days to identify and contain. It’s no wonder 60% of SMBs close their doors within six months of a data breach. The steps listed below can help any sized business protect their data and help keep the doors open and the lights on.
Better Data Protection Starts Here
Ongoing employee cyber education. Employees are often the first line of defense against cyberattacks, including BEC (business email compromise). Since 88% of data breaches come from human error, a cyber-smart staff can help stop a breach from happening. Education should be ongoing and not a once-a-year effort since attacks can trend and change over time, making them more difficult to spot. Consider additional training for departments most vulnerable to attack like those working with accounting or financial transactions.
Use additional authentication layers. Otherwise known as two-factor (2FA) or multi-factor authentication (MFA). The more layers there are for employees and vendors to login with, the more difficult it is for bad actors to sneak into a data system. Consider additional login verification layers for staffers and departments working with sensitive information.
Proper disposal of technology devices. Since outdated devices still hold sensitive data, replacing them with updated technology needs to be done safely. Simply tossing an old device in the trash should never be an option. Devices need their data wiped clean before disposal, including printers and copiers. Proper disposal should include environmental responsibility offered at most recycling events and from others who provide responsible device destruction.
Review your cybersecurity practices regularly. Since cyberattacks change and trend over time, regularly auditing procedures and processes are a security must-do. Security and system software that is up-to-date can provide a much tougher environment for hackers to enter and launch an attack.
Update System Software. Old software and apps are a security risk and updating them as soon as possible is always recommended. Hackers know the flaws behind older software and how to exploit them, so patching vulnerabilities with updated software from a trusted vendor should be done as soon as it’s available. You never want to make it easier for bad actors to attack your systems.
Consider cyber insurance. Due to how destructive and costly a hack can be, adding a cyber insurance policy can be a smart move and an investment in your company’s continued success. Those companies actively taking steps to reduce their risk of cyberattack are more attractive to insurers. The investment will be well worth the price tag if cybercriminals break into your data system and do considerable damage to your business, finances, clients, and reputation.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com