Do you think that cybercriminals will pass over your small-to medium-sized business for something bigger? This is simply not the case.
Your day-to-day operations leave you with enough to stay on top of — between attracting new customers, managing your revenue, and hiring new employees. Now imagine, you log onto your computer at work in the morning to find that your central business system is locked down, with a message threatening to expose the confidential information of your company. How did this happen? Are you prepared with an incident response plan?
One successful entry from a cybercriminal can take down your entire network, which is why your business should implement company-wide cyber awareness. A greater awareness of the threats your business is exposed to, along with cybersecurity best practices, will give you the confidence to handle and minimize attacks. Of course, you can’t educate your team if you are not aware of your business’s cybersecurity ecosystem. We’ve covered some key cybersecurity issues that small-to-medium-sized businesses should be aware of below.
Make cybersecurity everyone’s role
Your employees are the primary line of defence between your company and a cyber attack. Get everyone involved by developing a company-wide cyber awareness strategy. The Government of Canada has free online learning tools and modules aimed at small-to-medium-sized organizations that business owners and your employees can use to be informed on your cyber risks.
Educate all staff members on the important part they all play in cyber safety. All it takes is one staff member to accidentally click on a phishing email, to fall for an email impersonating a company executive, or to download a link that they shouldn’t in order to trigger a cyber breach. If you come across a suspicious email that is addressed from a company executive, be very cautious before responding or opening any attachments.
Software updates are essential
Protect your devices by updating the software regularly. This means all devices whether they are for personal use or for work – including computers, tablets, cellphones, and smart watches. Cyber threats are constantly changing, which is why new software updates are released regularly in order to address changing security threats. Prioritize these updates and encourage your employees to turn on automatic updates or reminders on their devices.
Develop a password policy
The 2016 Verizon Data Breach Investigation Report found that “63% of confirmed data breaches involved weak, default, or stolen passwords”. Avoid having your business hacked due to commonly used passwords by implementing safe password practices. A strong password should contain at least 8 characters, with a combination of upper and lower case letters, numbers, and symbols. Educate your employees on the importance of using a separate password for every login site and to change their password every 3-6 months.
Tie up loose ends
If an employee leaves or is fired from your business – make sure their system access is terminated immediately after they leave. This is critical in ensuring that your former employee doesn’t have the ability to access company information and create a security risk down the road.
Have an incident response plan
The best preparation you can do for a cyber breach is to have a response plan in place that is ready to go. This will allow your business to act quickly to detect, respond to, and recover from the cyber attack. Don’t forget to also include a crisis communication plan within your incident response guide. The right words during and after a breach will help to protect your brand reputation and to keep your customers happy.
Cybersecurity is an ongoing process
Once your employees have completed their cyber-awareness training, it doesn’t end there. Cybersecurity is constantly changing and evolving to meet the changing risks that businesses are exposed to. It is important to revisit your strategy and update it frequently to account for any new threats or weaknesses in your business operations.
Things can still go wrong, even with the best precautions
Regardless of the size of your organization, the costs associated with cyber breaches can be catastrophic. Even with the best precautions in place, things can still go wrong, but fortunately there’s insurance to help. Having insurance can aid in recovery costs, notification expenses, business interruption, third party liability, and even ransom costs. Cyber policies are changing and evolving to account for the growing risks of cybersecurity. Speak with one of the expert brokers at Fuse Insurance to find out what you’re covered for and what insurance options can protect your business.
Further Reading: Ransomware in Manufacturing and Construction
Fuse Insurance Ltd. is the evolution of the commercial insurance brokerage, and the first of its kind in Western Canada. Backed by policies from a selection of A-rated insurers, Fuse Insurance can provide coverage for businesses large and small from almost any industry. For further information or to get an online quote now, click here or call us at 1-866-387-FUSE (3873) for more details.