Cybersecurity Awareness Month takes place every year in October. Led by the U.S. Cybersecurity & Infrastructure Security Agency, the event is an opportunity to highlight the dangers present in our online world, and to provide tips for safer, more secure practices. (And at a time when ransomware attacks are at an all-time high, our risk management experts are all for some added awareness.) We’ve pulled together some easy to implement — yet highly effective — advice aimed at keeping important data and systems safe.
Make it Difficult for Scammers to Make Their Way in
A proactive approach is the best approach, and in the world of cybersecurity that means setting your systems up for success. At this stage of the game, your IT professional will be your best friend. Lay out expectations on their end, ensuring you have a quality firewall in place, that your systems are updated — and security patches installed — so as to avoid lapses, and that he or she will be ready to assist, should trouble still manage to make its way through. On your day-to-day team side, emphasize the importance of a secure, hard-to-guess password that gets changed out regularly. You might even consider two-factor authentication for social media pages and the like. Two-factor authentication sends a code to a pre-determined phone number or email address when a login attempt is made from an unknown IP address, adding an extra layer of protection.
BCH Tip: Our Poising Passwords for Success Sheet offers great advice you can pass along to the team.
Know What to Do in the Event of an Attack
Even the strongest, most well-thought security approach will have its weaknesses. If your company finds itself experiencing a ransomware attack, the victim of a phishing attempt — or facing another type of fraud — try to keep a level head. Immediately communicate the issue to both your IT professional and your team members, and educate them on next steps. For a minor issue, that might simply be leaving computers on at the end of the day so the company can update systems. In the event of a major ransomware case, it might mean unplugging all computers, disconnecting from Wi-Fi and finding an analog way to carry out the day’s work until you can return to business as usual. If you’ve incorporated cyber insurance into your risk management approach, submit a claim to your provider. Of course, you’ll want to report the issue to the proper authorities, too.
BCH Tip: The FBI’s Internet Crime Complaint Center (IC3) makes it easy to report cyberattacks and other online fraud.
Train Your Team (and Provide Regular Reminders)
Your team members aren’t just your company’s greatest asset. They can be your biggest liability when it comes to cyberattacks. An accidental click on a questionable link or a response to a scam email can set things on a quick downward spiral. The best thing you can do is to regularly gather your team together to discuss the red flags they should watch out for, ransomware worries, online scams that are making the rounds — and what they should do if they spot something suspicious. Those regular updates are crucial, since hackers are always looking for new ways to get their hands on your data.
BCH Tip: Our Phishing Scams Quick Sheet offers advice to help team members spot — and sidestep — attempts to access sensitive data.
Cybersecurity is no small issue. In fact, 30% of those impacted by fraud are small businesses. And of those small businesses impacted, 60% never recover their losses. Play it safe out there this Cybersecurity Awareness Month! And if you have questions on any of the above. Please feel free to contact BCH. Our risk management experts are always glad to help.