Avoid Cyber SurprisesOctober 27, 2017
How to Protect Your Business from a Cyber Attack
Hardly a week goes by without news of another business falling victim to a cyber attack.
The ones that make the news are big companies that impact on millions of customers. But unfortunately, cyber criminals target small- and medium-size businesses too.
Fact is, many small businesses can’t afford a full-time information technology staff that’s well-versed in the intricacies of cyber security. They don’t have the budget to hire cyber-defense employees who can watch over their networks 24 hours a day.
That’s why it’s important for everyone in your organization to be trained in safely handling business and customer data. In fact, many cyber criminals find their way into your system by fooling a company employee.
According to a recent article in CIO, a publication for chief information officers, people are still the weakest link in cyber security. The publication cited BakerHostetler’s 2017 Data Security Incident Response Report that phishing, hacking and malware accounted for most cyber-security incidents. You can read the article here.
There are ways to protect your business from a cyber attack without having to spend a lot of money or hire a full-time information-technology specialist.
Train your staff
One of the best ways to protect your business from a cyber attack is to train employees to recognize and thwart cyber criminals. They are your first line of defense.
In an article for the Harvard Business Review, a reformed cyber criminal explains how he duped employees to gain access to computer networks. “The greatest misconception about security is that a computer is the hacker’s most dangerous tool. Not so. It’s the phone,” writes Kevin Mitnick, in the first-person account you can read here.
“As security technologies improve, attackers are resorting to old-fashioned con games to get what they want. Why pound on the heavily defended corporate firewall when it’s easier to just trick the assistant who answers the phone into revealing his boss’s password?”
Lately, one of the most popular kinds of attacks are criminals who impersonate company executives in an email. Using a fictitious email loaded with a virus, the criminals can infect a network when an employee inadvertently opens an attachment that appears as if it came from someone they know and trust such as the CEO.
The key is to establish protocols that help employees protect the business. For example, require employees to pick up the phone to verify if an email was indeed sent by the author.
Sources of information
Business organizations provide useful information about cyber security. In recent years, chambers of commerce and other business groups have started offering seminars for their members on how to protect their business from a cyber attack.
For example, SCORE (https://www.score.org/), a group of retired business executives who provide free coaching to small businesses, conducts workshops cyber security. You can read a recent article by the organization on the subject here.
There are some useful websites published by government agencies too. With internet commerce a growing part of sales, the FCC (Federal Communications Commission) publishes cybersecurity tips for businesses here.
Evaluating business vulnerabilities such as cyber security is part of our advisory and consulting expertise, specifically within the QORVAL Technology Group.
To schedule a conversation please call us at 239-430-0303.