5 tips to protect your business against cyber crime

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.tennessean.com/story/money/tech/2015/06/19/tips-protect-business-cyber-crime/28883365/


With 30,000 companies hacked every day, it’s no wonder cyber crime is
ranked one of the top five risks facing businesses this year, according to
the 2015 Allianz Risk Barometer report. It’s also the top emerging risk for
the next five years.

So why do so many businesses still underestimate the effects of cyber
attacks? Respondents of the Allianz report cite budget constraints as the
primary reason for their lack of preparedness for the potential damage
caused. What many business owners don’t realize is that cyber attacks cost
companies an average of $720,000 per incident, taking an average of 45 days
to resolve.

There’s a misconception that larger companies, like the Targets and Home
Depots of the world, are more likely to be the target of an attack. But,
according to the National Small Business Association, 44 percent of small
businesses have experienced a cyber attack. In fact, the malware attacker
that accessed Target’s private data did so by using the network access
privileges of one of Target’s heating and air conditioning vendors, Fazio
Mechanical Services, Inc. By acting as a portal, Fazio, a $12.5 million
dollar company, opened Target, a $72.6 billion dollar company, up to $420
million in potential losses.

Cyber crimes are increasing in number and intensity. Follow these five tips
to make sure you’re taking appropriate action to protect your business,
employees and customers against cyber crimes:

1. Update your anti-virus and anti-malware software. You may have installed
anti-virus software onto your computer, but when was the last time you
updated it? Cyber criminals are constantly looking for holes in security,
so by leaving your software unattended, you’re opening yourself up to an
attack. Update your software frequently and make sure it comes with backup
and restore ability so that you can recover any information you might lose.

2. Establish and enforce secure password protocols. It’s not unusual for
someone to default a computer password to “123456” without considering the
consequences. Unsurprisingly, Verizon’s 2015 Data Breach Investigation
Report found that the majority of data breaches stemmed from weak or stolen
credentials. Passwords should differ across platforms and it’s best to
change them often — every couple of months or so. Train your employees on
the importance of password security and provide them with strict security
protocols to follow.

3. Use a secure server for email communications. Hackers are always looking
for ways to steal your data and information. Keep it safe by storing it in
a secure server. Encrypting your company’s emails and communications is
another crucial step to deterring cyber criminals. While not undefeatable,
encryption presents an obstacle to hamper hackers’ progress. It will force
them to fight through an additional layer of protection, and that typically
isn’t worth their time.

4. Create a disaster recovery plan. While the above steps certainly help
prevent the likelihood of a cyber attack, they’re not foolproof. In the
event that your company does suffer an attack, are you ready to respond?
Include all necessary steps for responding to and recovering from a cyber
attack in a disaster recovery plan. Develop a communications plan so
everyone in the company knows whom the spokesperson is, who makes the
calls, what the talking points are, when customers should be notified, etc.

5. Purchase cyber liability insurance. Did you know that cyber crime isn’t
covered by general business liability insurance? Businesses are actually
liable for five types of cyber crime: unauthorized access, network damage,
human error, theft of digital assets and cyber extortion. Purchase cyber
liability insurance to ensure you’re fully prepared for the inevitable.
Cyber liability insurance covers notification fees, crisis management
costs, regulatory proceedings (fines and penalties) and credit monitoring
expenses for victims of the breach.

Sixty percent of small businesses close their doors for good after
suffering a cyber attack. Don’t be part of that statistic. Make sure your
business is prepared to weather the storm.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!