Cyber security has been at the forefront of recent discussions. The latest ransomware attack, WannaCry, highlights the critical importance of creating a cyber strategy for your business. Do you know the root causes of most data breaches? Almost half the result of criminal or malicious attacks, however, human error accounts for roughly one-fourth of the breaches.
According to the National Institute of Standards and Technology, small businesses are especially vulnerable since they are viewed as soft targets by cyber criminals. Even though hackers may not realize immediate financial gains through system penetration, small businesses may provide entry points to other systems with significant advantages. For instance, let’s say a smaller business does contract work for a larger company. If the small business has to log-on for any automated or computer-related activities and their system is compromised, the hacker could use the log-on credentials from the small business to penetrate the larger companies system. Once access is gained, the hacker can launch malware, ransomware, or infect the system with a virus. They could also take the exact same steps towards penetrating another system if it was felt that an even greater reward was at stake.
An important item to remember is that a breach is not always immediate. Sometimes a system has been penetrated weeks or months before the malicious attack actually begins.
One way to manage your business’ risk is to identify what information your business uses and stores. Create a list with each of type of information and ask yourself, ‘what would happen to my business if … ‘. Once you have written down various answers, add a numeric value to each item from most to least important. Next, identify who has access and control to your business’ information. No matter how small your company is, individual accounts should be set-up for each employee. That helps ensure accountability if something should happen. Remember, identification is the first step in creating a cybersecurity framework to safeguard your business from potential hacks. Additional posts will reflect the other key areas highlighted in the adjacent graphic.