By: Parker Rains, The Tennessean. With 30,000 companies hacked every day, it’s no wonder cyber crime is ranked one of the top five risks facing businesses this year, according to the 2015 Allianz Risk Barometer report. It’s also the top emerging risk for the next five years.
So why do so many businesses still underestimate the effects of cyber attacks? Respondents of the Allianz report cite budget constraints as the primary reason for their lack of preparedness for the potential damage caused. What many business owners don’t realize is that cyber attacks cost companies an average of $720,000 per incident, taking an average of 45 days to resolve.
There’s a misconception that larger companies, like the Targets and Home Depots of the world, are more likely to be the target of an attack. But, according to the National Small Business Association, 44 percent of small businesses have experienced a cyber attack. In fact, the malware attacker that accessed Target’s private data did so by using the network access privileges of one of Target’s heating and air conditioning vendors, Fazio Mechanical Services, Inc. By acting as a portal, Fazio, a $12.5 million dollar company, opened Target, a $72.6 billion dollar company, up to $420 million in potential losses.
Cyber crimes are increasing in number and intensity. Follow these five tips to make sure you’re taking appropriate action to protect your business, employees and customers against cyber crimes:
- Update your anti-virus and anti-malware software. You may have installed anti-virus software onto your computer, but when was the last time you updated it? Cyber criminals are constantly looking for holes in security, so by leaving your software unattended, you’re opening yourself up to an attack. Update your software frequently and make sure it comes with backup and restore ability so that you can recover any information you might lose.
- Establish and enforce secure password protocols. It’s not unusual for someone to default a computer password to “123456” without considering the consequences. Unsurprisingly, Verizon’s 2015 Data Breach Investigation Report found that the majority of data breaches stemmed from weak or stolen credentials. Passwords should differ across platforms and it’s best to change them often — every couple of months or so. Train your employees on the importance of password security and provide them with strict security protocols to follow.
- Use a secure server for email communications. Hackers are always looking for ways to steal your data and information. Keep it safe by storing it in a secure server. Encrypting your company’s emails and communications is another crucial step to deterring cyber criminals. While not undefeatable, encryption presents an obstacle to hamper hackers’ progress. It will force them to fight through an additional layer of protection, and that typically isn’t worth their time.
- Create a disaster recovery plan. While the above steps certainly help prevent the likelihood of a cyber attack, they’re not foolproof. In the event that your company does suffer an attack, are you ready to respond? Include all necessary steps for responding to and recovering from a cyber attack in a disaster recovery plan. Develop a communications plan so everyone in the company knows whom the spokesperson is, who makes the calls, what the talking points are, when customers should be notified, etc.
- Purchase cyber liability insurance. Did you know that cyber crime isn’t covered by general business liability insurance? Businesses are actually liable for five types of cyber crime: unauthorized access, network damage, human error, theft of digital assets and cyber extortion. Purchase cyber liability insurance to ensure you’re fully prepared for the inevitable. Cyber liability insurance covers notification fees, crisis management costs, regulatory proceedings (fines and penalties) and credit monitoring expenses for victims of the breach.
Sixty percent of small businesses close their doors for good after suffering a cyber attack. Don’t be part of that statistic. Make sure your business is prepared to weather the storm.