Did you know that the average cost of cybercrime attacks in the U.S. was a stunning $15.42 million? In the UK, it’s £6.32 million. Regardless of the country you live in, cyber crime is serious. So much so that the UK National Security Council has said that cyber attacks are a “tier one” risk to national security. The frequency and severity has steadily increased over the years.
Take It Seriously
Take the threat seriously because it is serious. McAfee, a provider of security software, recently reported it had found 90 percent of small and medium-sized businesses don’t protect their electronics and customer information. According to PwC (Formerly PriceWaterhouse Coopers), this can cost a company up to £100,000. For larger companies, the cost of a breach could cost millions.
Avoid Public Wi-Fi
Public wi-fis are known to be sketchy when it comes to security. You just don’t know who is on the network, the traffic is normally not encrypted, and data can be easily stolen or compromised if you’re sharing a connection with someone else in a coffeeshop or a bar.
Any official business, including checking email, should be done only on secure networks that you have set up. Mobile phone data networks are also secure.
Check Your Banking Activity Frequently
Get in the habit of checking your business checking account on a regular basis. If you use an aggregation service, check that often as well. Monitor transactions across all of your accounts and use mobile applications that help you dig deeper into your transaction history to find errors or erroneous charges.
Get Yourself Audited
Companies, like Sec Tec, are in the business of performing audits and penetration testing, along with basic security analysis. A basic analysis will tell you about the state of your security, whether there are any potential vulnerabilities, and how serious those vulnerabilities are.
Provide Training To Employees
This is perhaps the single-most important thing you can do. Have your staff trained on proper security protocols. Mistakes made by employees are a very common cause of data breaches. Your employees need to know how to respond to network security and other breaches quickly and correctly.
For example, train your employees to not allow unauthorized access to secured areas. Have them reset their passwords frequently and make them complex enough that a hacker would not be able to easily gain access to their accounts or steal login credentials for email or network access.
Passwords should be made up of at least one number and could be in sentence structure or a combination of words or phrases that “makes sense” to the employee only.
An employee might use “TwoLipBlue97”, for instance – it would be a secure password combination that’s difficult to break.
Also, make sure you train customer service on what to do after a breach has occurred. In 2014, the Ponemon study showed just 34 percent of data breach preparedness study respondents had training on post-breach response.
Charles Dixon is a lead security engineer. He loves to share his insights on cyber attacks by posting online. Look for his articles mainly on business IT websites.