Discussing Cybersecurity can bring about questions. Many, many questions. We understand that. Cybersecurity can be overwhelming. Because of that, we thought you would appreciate an overview of some of the most typical Cybersecurity questions, and of course, the answers to go along with them. Let’s jump in!
Cybersecurity is the process of protecting your networks, systems, devices, and programs from cyber-attacks. In a nutshell, Cybersecurity is your organization’s way of protecting the company, employees, and customers from the plots that hackers are trying to implement.
Benefits are often viewed as tangible elements. The benefits of a strong Cybersecurity program, however, are intangible. Cybersecurity is all about prevention – stopping a hacker from accessing company, customer and employee data. And this prevention equals a level of protection for your networks and data. It also means peace of mind for your employees and customers because they are confident that the data and information that they have shared with your organization is safe. And, let’s face it, some of that data is valuable – credit card information, social security information, medical information, billing information and access to products are just a few examples. That prevention also equates to confidence in your business from customers, employees, and stakeholders. And, lastly, it means that if a cyber attack were to occur, your organization is prepared to swiftly handle the situation and minimize the impact.
Training for Cybersecurity can be tricky. Why? Because most of the training should be focused on empowering employees to not click on a link, not open an attachment, and to call attention to something that might be a phishing email. In general, it is counter-intuitive to the day-to-day operations of the majority of employees out there. Not to worry, training can be done and can be very effective.
When implementing training, keep in mind that repetition is important. Employees have a lot going on throughout the day, so keeping Cybersecurity top of mind is one of the best ways to prevent an attack. Here are a few “rules of thumb” to discuss, share, and maybe even post within your office:
• Keep an eye out for obvious typos. Typos are often a sign of a phishing email.
• Do not reply to emails from an unknown source. And, when in doubt, check with your IT team.
• If you weren’t expecting the attachment, do not download it. Hackers will often send malware in the form of attachments in an attempt to get you to download them.
• Verify URLs before clicking on them by hovering over them.
• Keep your work (and personal) devices locked when not in use. Don’t use the same password for different web sites and services! Keep them different and use a Password Manager to keep track.
• Check with your internal IT, or outsourced IT consulting company, before downloading software. The software may seem harmless, but it is best to confirm that it is acceptable to download and install. Some software may interfere with other software already on your device.
• Use strong and complex passwords. Yes, it may sound like a hassle, but it is your first line of defense in blocking hackers.
• If something seems odd, report it to your IT team. It is far better to call out a potential issue (even if it turns out to be a non-issue), then it is to deal with a cyber-attack.
Yes! In fact, approximately 58% of data breaches happen to small businesses. And, two-thirds of SMB’s have suffered a cyberattack within the past 12 months! Why? Because hackers look for the path of least resistance, the easy route. And small businesses that have the “it won’t happen to me” thought are a dream for hackers. Even those small businesses that have anti-virus software are at risk. One report indicated that 82% of those attacked said that malware was able to get through their anti-virus software. The bottom line is that no business, large or small, should consider themselves safe. Take the proper precautions and implement a Cybersecurity program for your organization.
The types of data can vary by the hacker, and by cyber-attack, however, hackers are typically after data that they can make money off of or leverage in other attacks. A few examples of data that hackers may be interested in are:
• Customer information including both personal and company level details
• Users of your software, and their account information
• Credit and debit card information
• Bank account information of organizations and individuals
• Employee information including social security numbers, driver’s license numbers, birth dates, addresses, and medical details
The cost of a cyber-attack isn’t just about dollars. It’s also about reputation with customers, potential to lose customers, employee downtime, loss of employees, and data left. That said, numbers can help accentuate a point, so here we go:
• The average cost of a cyber-attack is around $3 million. This includes ransom amounts, outages, disruption, and downtime.
• Nearly half of businesses report that an attack resulted in more than 8 hours of downtime (that is an entire day!).
• Operational/productivity loss (54%) is cited as the top impact of cyber-attacks.
• A negative customer experience is near the top impact of attacks as well, at 43%.
Read Cybersecurity articles, blogs and tips, attend Cybersecurity learning events, chat with IT professionals, and consider working with an outsourced IT consulting company. What’s important is that you stay informed and up-to-date on Cybersecurity trends. Educating yourself, and your employees can go a long way in protecting your organization from a cyber-attack.