A CYBER INCIDENT CAN BE DEVASTATING to any business. And the threat is growing. By 2021, the annual cost of cyber crime is expected to exceed $6 trillion, up from $3 trillion in 2015.1 And that figure doesn't even begin to calculate the cost of losing your customers’ trust if their personal data is compromised. Clearly, it’s critical for every business owner to implement a security program that protects against the evolving risks from cyber crime. These six recommendations can help you protect your business and your customers.
Put a cyber-defense plan in place.
Be sure that you have rigorous policies, processes and systems in place to detect and block cyber incidents. Cyber criminals use a variety of highly effective schemes, including bogus email invoices and impersonating a trusted individual in correspondence, to convince employees to unwittingly help them commit cyber fraud. In addition, emails that contain links or attachments, if clicked or opened, can allow cyber criminals to gain access to your systems.
Have a backup data strategy in place to help in the event that your corporate site is the subject of a ransomware incident.
You can help to defend against these efforts by educating your employees about the risks of cyber crime, investing in antivirus software and keeping all your software programs up to date. It’s also a good idea to review the security systems of the partners and vendors you work with. And have a backup data strategy in place to help in the event that your corporate site is the subject of a ransomware incident—in which malware infiltrates your system and cyber criminals hold your business hostage until a fee is paid.
Keep employees up to date.
In the first quarter of 2019 alone, over 65 million pieces of new malware were discovered.2 Hold regular training sessions to keep employees briefed on the latest scams and how to identify and respond to them.
Review—and bolster—all processes related to financial transactions.
Establish procedures for managing unusual account or payment change requests, if you don’t already have them. For instance, you could instruct employees to confirm all unusual money requests in person or on the phone, using a phone number on file—not one listed in an email. Another best practice is to require multiple-person approvals for financial transactions or changes to customer or business accounts. The exact means for handling this will depend on your company’s business model and capabilities—there’s no one-size-fits-all process.
Limit system access.
Minimize your company’s vulnerability by restricting who can access your system—and what they’re able to see. If it’s not essential to their job, don’t grant access. Use unique email addresses, logins, servers and domain names for each user or user base.
Strengthen your passwords.
When you use easily guessed passwords like “123456” or “password,” your data and information are more at risk. Protect your accounts and devices with a strong password and use multifactor authentication or biometric ID (such as a fingerprint). And give serious consideration to using a password manager, which can help ensure that you have a complex, different password for every account without having to memorize them all.
Stay safe on the road.
Before traveling, back up your devices and update your operating systems. That way, if your laptop or phone does become compromised, you can wipe it clean and restore from a recent backup. While traveling, disable your device’s remote connectivity as well as automatic Wi-Fi and Bluetooth connections, and only connect to networks you know are trustworthy. It’s a good idea to use a virtual private network (VPN) at all times, but it’s even more critical on the road. Be aware, though, that you may have difficulty accessing some financial firms' websites through a VPN because of the anti-fraud protections they've put in place. In that case, you might prefer to wait until you can access the site through a secure, trusted connection. A privacy screen is also smart, as it prevents people from physically peeking over your shoulder as you work at the coffee shop or on the train.