Cyber Security – It’s Time To Be Proactive

Cyber Security…. It’s been all over the news, but what can you do to protect yourself?

There’s a saying out there that goes something like this, “It’s not a question of whether you’ll get hacked or have a data breach, it’s a question of when.”

Here are some quick tips to help you be proactive. If you follow through now, you’ll be happy later.

#1 | Cyber Insurance

Moving from a “nice to have” to a “needed” insurance policy. Think you can pay out of pocket if something happens? Think again…

According to Sophos, the average bill for recovering from a ransomware attack, including downtime, people hours, device costs, network costs, lost opportunities, ransom paid, etc was $1.85 million in 2021. // The True Cost of Ransomware

Action Step #1 – Get Cyber Insurance

#2 | Education

Education is key. According to a study by IBM, human error is the main cause of 95% of cyber security breaches.

In a security context, human error means unintentional actions – or lack of action – by employees and users that cause, spread or allow a security breach to take place.

So what do educate yourself and your employees on regarding cyber security?

1. Responsibility for Company Data – emphasize the critical nature of data security and protecting company data.
2. Notification procedures – make sure everyone knows when and who to contact if there is a problem.
3. Passwords – train usage of strong passwords and password management.
4. Unauthorized Software – do not allow installation of unlicensed software on any company computer.
5. Internet Use – train avoidance of links that are suspicious.
6. Email – responsible email usage is the best defense for preventing data theft and ransomware attacks.
7. Social Engineering and Phishing – train to recognize common cybercrime risks, including social engineering, online fraud, etc.

Action Step #2 – Create and Implement an Education Plan

#3 | Get in the Weeds with IT

Whether you have an outside IT company, or handle IT in-house, make sure you have an in-depth conversation with them about the following:

1. What they are doing to prevent cyber attacks, data breaches, and data leakage.
2. What the disaster recovery plan is for different scenarios, including a ransomware attack.
3. Make sure they’ve tested their backup systems and that they include a full backup you can revert to in the case of a ransomware attack or a complete system compromise.
4. Utilize multi-factor authentication for cloud systems and remote access to help prevent intruder access.

Action Step #3 – Make Sure IT is Doing Everything They Can