[BreachExchange] Not Just Equifax: 60 Percent of Small Businesses Get Hacked Each Year, Here's How to Fight Back

Audrey McNeil audrey at riskbasedsecurity.com
Fri Oct 27 15:30:27 EDT 2017


https://www.inc.com/kevin-kerridge/not-just-equifax-60-percent-of-small-businesses-get-hacked-each-year-heres-how-to-fight-back.html

Cybercrime is in the news once again, and the latest breach is the most
brazen and shocking one yet. The size of the Equifax breach is notable in
its own right, affecting an estimated half of all American consumers. But
the truly sobering aspect of this situation is that the company affected
was responsible, in part, for protecting the security of our sensitive
information. The victim of this breach was a gatekeeper of sorts, the one
we turned to if someone else was putting our data at risk.

The fact is, every company is vulnerable to being hacked. The large
breaches make the news, but smaller breaches are being perpetrated every
day. They may not make headlines, but they can turn a company's world
upside down. Cyber security research shows that smaller companies face a
disproportionately higher risk when it comes to the financial losses
associated with a security breach. They are also less likely to have
implemented preventative measures, even after they've been the victim of an
attack.

While it seems staying ahead of hackers is akin to swimming upstream, there
is a secret weapon -- your employees. Your employees should be the first
line of defense for your company when it comes to cyber security. Here are
some ways that you can reinforce your 'human firewall.'

Train all employees on cyber best practices.

Train new employees as part of the onboarding process, train current
employees, and provide updated training at least annually, addressing new
and emerging threats. Some issues to cover during training include:

- How to create secure passwords, and the importance of updating them
annually.
- The importance of not sharing access to information.
- How to recognize and thwart phishing attempts, ransomware attacks, and
other types of hacks.
- How to report any suspicious activity.

Create a written response plan.

Every company should have a detailed response plan to be followed in the
event of a breach, and make sure everyone understands their role. If an
attack is detected, your team should be able to move quickly into response
mode. If you experience an attack, evaluate your response plan once the
crisis is over, and adjust it as necessary.

Make security part of the company culture.

Everyone in your organization, from the owner or CEO to the part-time data
processor, needs to be on board with your cyber security plan. And
management's involvement is key -- the emphasis trickles down from the top.

Taking advantage of the human firewall is a low-cost, high-impact way to
improve your business' cyber security and reduce the likelihood of an
attack. Since hackers always seem to be one step ahead, it's also a good
idea to insure your business against cyber-crime. A cyber policy, or a
rider or endorsement on your existing business liability policy, will
protect your company against the financial implications of a hack.

Cyber security should be a priority for every business. Improving your
cyber-readiness will decrease the probability of an attack and improve the
outcome if one occurs. If you can turn your employees into a human
firewall, you'll be better able to withstand an attack.