Technology has become intertwined in all aspects of our lives, from our cell phones and televisions to our home appliances and vehicles. It is understandable then, that nearly every business uses technology in some aspect of their operations. While the use of technology for business has the potential to provide a competitive edge in the marketplace, it can also present a liability to the business due to the risk of data and security breaches. Businesses can mitigate these threats by implementing cybersecurity measures. Cybersecurity is defined as the protection of Internet-connected systems, including hardware, software, and data, from cyber attacks.
With breaches and hacks hitting our most commonly used systems, cybersecurity has become a daily exercise for businesses. The statistics on cybersecurity costs and risks are a stark reminder of the struggles businesses face and what is at stake:
- According to 2017 statistics, there are over 130 large-scale, targeted breaches in the U.S. per year, and that number is growing by 27 percent per year. (Accenture)
- There are around 24,000 malicious mobile apps blocked every day. (Symantec)
- The app categories with most cybersecurity issues are lifestyle apps, which account for 27 percent of malicious apps. Music and audio apps account for 20 percent. (Symantec)
- Including turnover of customers, increased customer acquisition activities, reputation losses, and diminished goodwill the cost of lost business globally was highest for U.S. companies at $4.13 million per company. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- Damage related to cybercrime is projected to hit $6 trillion annually by 2021. (Cybersecurity Ventures)
- 41 percent of companies have over 1,000 sensitive files including credit card numbers and health records left unprotected. (Varonis)
The good news is that despite the risks and the constant threat of attacks, your business does not have to be sitting ducks. You can proactively protect your organization’s systems and most sensitive data. The United States Small Business Administration offered the following five tips to help secure your business:
- Protect against viruses, spyware, and other malicious code: Make sure each of your business’s computers are equipped with antivirus software and antispyware and update regularly. Such software is readily available online from a variety of vendors. All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install updates automatically.
- Secure your networks: Safeguard your Internet connection by using a firewall and encrypting information. If you have a Wi-Fi network, make sure it is secure and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router. Protect all pages on your public-facing websites, not just the checkout and sign-up pages.
- Educate employees about cyber threats and hold them accountable: Educate your employees about online threats and how to protect your business’s data, including safe use of social networking sites. Depending on the nature of your business, employees might be introducing competitors to sensitive details about your firm’s internal business. Employees should be informed about how to post online in a way that does not reveal any trade secrets to the public or competing businesses. Hold employees accountable to the business’s Internet security policies and procedures.
- Make backup copies of important business data and information: Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud.
- Create a mobile device action plan: Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment.
Cybercriminals don’t stalk only the big companies; on the contrary, the smaller companies are softer targets and easier to penetrate. Cybersecurity measures such as the suggestions noted above are just as vitally important as a security alarm for a brick and mortar company. As a business owner, you must become proactive in identifying and mitigating the threats and risks that can impact your business.