Cyber Security… It’s been all over the news, but what can you do to protect yourself?
There’s a saying out there that goes something like this: “It’s not a question of whether you’ll get hacked or have a data breach, it’s a question of when.”
Here are some quick tips to help you be proactive. If you follow through now, you’ll be happy later.
#1 | Cyber Insurance
Cyber insurance is moving from a “nice to have” to a “needed” insurance policy. Think you can pay out of pocket if something happens? Think again…
According to Sophos, the average bill for recovering from a ransomware attack, including downtime, people hours, device costs, network costs, lost opportunities, ransom paid, etc., was $1.85 million in 2021 (source: The True Cost of Ransomware).
Action Step #1 – Get Cyber Insurance
#2 | Education
Education is key. According to a study by IBM, human error is the main cause of 95% of cyber security breaches.
In a security context, human error means unintentional actions – or lack of action – by employees and users that cause, spread or allow a security breach to take place.
So what should you educate yourself and your employees on regarding cyber security?
- Responsibility for Company Data – emphasize the critical nature of data security and protecting company data.
- Notification procedures – make sure everyone knows when and whom to contact if there is a problem.
- Passwords – train usage of strong passwords and password management.
- Unauthorized Software – do not allow installation of unlicensed software on any company computer.
- Internet Use – train avoidance of links that are suspicious.
- Email – responsible email usage is the best defense for preventing data theft and ransomware attacks.
- Social Engineering and Phishing – train to recognize common cybercrime risks, including social engineering, online fraud, etc.
Action Step #2 – Create and Implement an Education Plan
#3 | Get in the Weeds with IT
Whether you have an outside IT company, or handle IT in-house, make sure you have an in-depth conversation with them about the following:
- What they are doing to prevent cyber attacks, data breaches, and data leakage.
- What the disaster recovery plan is for different scenarios, including a ransomware attack.
- Make sure they’ve tested their backup systems and that they include a full backup you can revert to in the case of a ransomware attack or a complete system compromise.
- Utilize multi-factor authentication for cloud systems and remote access to help prevent intruder access.
Action Step #3 – Make Sure IT is Doing Everything They Can