[BreachExchange] How to: Avoid the high cost of a data breach

Mon Nov 27 19:16:00 EST 2017

http://www.mainebiz.biz/article/20171127/CURRENTEDITION/311219995/how-
to:-avoid-the-high-cost-of-a-data-breach

In August, the Equifax data breach left more than 145 million Americans
vulnerable to identity theft. Sensitive information such as Social Security
numbers, addresses and consumer names were stolen by hackers attempting to
impersonate individuals by opening bank accounts, applying for new credit
cards or even attempting to get driver's licenses.

The breach spurred consumers to review the cybersecurity measures they have
in place at home. Small business owners should do the same. Yet, recent
data shows 87% of small business owners do not feel they are at risk.

This is a mistake. In 2016 alone, 61% of cyberattack victims were
businesses with fewer than 1,000 employees. What's more, roughly one in
three small businesses do not have the necessary tools in place to protect
themselves from any kind of cyberattack.

The high cost of ignoring a data breach

The Ponemon Institute, a Traverse City, Mich.-based research firm,
estimates that the cost of cleaning up a small business after it has been
hacked is $690,000. An estimated six in 10 small businesses fail within six
months of a cyberattack.

Nearly half of cyberattacks are maliciously intended, with hackers aiming
to use a business owner's information to compromise the owner's personal
credit. This leaves personal information, preexisting accounts and the
business at high risk. Once a credit score has been compromised, a small
business owner may no longer be able to pay their business loans or access
new financing.

Often, small business owners are at a greater risk of an attack because
they do not have the necessary cyber protections in place. One way to
protect against a cyberattack is to enhance security measures through
malware detection or pop-blocker software and installing a firewall,
anti-spy, anti-virus and spam filter on your small business' computer
system.

How to protect your small business

With small businesses at a great risk of falling victim to a cyberattack,
business owners can follow these best practices to better protect their
businesses.

- Most importantly, protect your personal information at all costs. Never
respond to personal information request via call, text or email. It is
imperative that account owners keep account information safe from phishing
scams by not opening or downloading attachments from unknown sources.

- Do not share confidential business information online and be sure to
protect personal information by securing it with a strong password or
keeping it out of public view. Protect your digital footprint by increasing
account password strength using two-step authentication, encrypting
sensitive documents, and hiding and requiring a WPA2 password for your
wireless network.

- Business owners should change account passwords once word breaks of any
sort of data hack — even if the business is not directly affected. By
having multiple, strong and unique passwords for business accounts, you
lessen the risk of hackers stealing your personal information. Keep
personal electronic devices up to date with the latest security patches.

- Monitor all accounts regularly in order to detect fraudulent activity. If
a check is not processed on time, contact the payee and consider placing a
stop payment. If you bank online, sign up for automated alerts that will
flag any change in credit status.

- Consider creating an informed cybersecurity incident response plan. Stay
vigilant on data breaches or cyberattacks. Develop an incident response
plan so you can respond quickly and effectively to any breaches in
cybersecurity that might affect your business and its employees.

- Consider purchasing specialized insurance. Standard commercial insurance
policies will do little, if anything, to shield you from electronic damages
and the associated costs.

Anyone and any business can fall victim to a data breach. Educate yourself
and your employers on best practices to protect your small business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20171127/223042e9/attachment.html>