A CYBER ATTACK CAN BE DEVASTATING to any business. And the threat is growing. By 2021, the annual cost of cyber crime is expected to hit $6 trillion, a 200% increase over 2015.1 And that figure doesn't even begin to calculate the cost of losing your customers’ trust if their personal data is compromised. Clearly, it’s critical for every business owner to implement a security program that protects against the evolving risks from cyber crime. These six recommendations can help you protect your business and your customers.
Put a cyber defense plan in place.
Be sure that you have rigorous policies, processes and systems in place to detect and block cyber attacks. Cyber criminals use a variety of highly effective schemes, including bogus email invoices and impersonating a trusted individual in correspondence, to convince employees to unwittingly help them commit cyber fraud. In addition, emails that contain links or attachments, if clicked or opened, can allow cyber criminals to gain access to your systems.
Have a back-up data strategy in place to help in the event that your corporate site is the subject of a ransomware attack.
You can help to defend against these efforts by educating your employees about the risks of cyber crime, investing in antivirus software, and keeping all your software programs up to date. It’s also a good idea to review the security systems of the partners and vendors you work with. And have a back-up data strategy in place to help in the event that your corporate site is the subject of a ransomware attack—in which malware infiltrates your system and cyber criminals hold your business hostage until a fee is paid.
Keep employees up-to-date.
Cyber criminals uncover and target 480 new vulnerabilities every minute.2 Hold regular training sessions to keep employees briefed on the latest scams and how to identify and respond to them.
Review—and bolster—all processes related to financial transactions.
Establish procedures for managing unusual account or payment change requests, if you don’t already have them. For instance, you could instruct employees to confirm all unusual money requests in person or on the phone, using a phone number on file—not one listed in an email. Another best practice is to require two employees to initiate and approve financial transactions or changes to customer or business accounts.
Limit system access.
Minimize your company’s vulnerability by restricting who can access your system—and what they’re able to see. If it’s not essential to their job, don’t grant access. Use unique email addresses, logins, servers and domain names for each user or user base.
Strengthen your passwords.
If you’re using a simple, easily guessed password like “123456” or “password” as a login, you’re putting out the welcome mat for cyber criminals. Protect your accounts and devices with a strong password and use two-factor authentication or biometric ID (such as a fingerprint). And give serious consideration to using a password manager, which can help ensure that you have a complex, different password for every account without having to memorize them all. (Search for “Password Manager” in your app store.)
Stay safe on the road.
Before traveling, back up your devices and update your operating systems. That way, if your laptop or phone does become compromised, you can wipe it clean and restore from a recent backup. While traveling, disable your device’s remote connectivity as well as automatic Wi-Fi and Bluetooth connections, and only connect to networks you know are trustworthy. It’s a good idea to use a virtual private network (VPN) at all times, but it’s even more critical on the road. Be aware, though, that you may have difficulty accessing some financial firms' websites through a VPN because of the anti-fraud protections they've in place. In that case, you might prefer to wait until you can access the site through a secure, trusted connection. A privacy screen is also smart, as it prevents people from physically peeking over your shoulder as you work at the coffee shop or on the train.