• BBB Business Tip: Safeguard Your Business Against Cybersecurity Threats

    • Share:
    June 01, 2021
    BBB® Tuesday Tips
    5 Essential Ways To Safeguard
    Your Business Against
    Cybersecurity Threats
    Cyber crime is on the rise, and the onset of the COVID-19 pandemic has left businesses more vulnerable than ever. In the first nine months of 2020, hackers exposed 36 billion records through methods such as phishing and malware.
    A big reason businesses don’t prioritize cybersecurity is that many don't recognize the gravity of cyber attacks. Securing your online system protects everything from your employees’ personal information and health records to your intellectual property and data. Use these to safeguard your electronic business life.
    1. Backup Your Data
    Most businesses are familiar with data backups; in fact, over 90% of companies claim to secure their information through backups. However, out of this number, only 28% perform weekly data back-ups.
    Nearly 70% of companies are losing precious information because they did not back up their recent data, according to Acronis (a cyber backup software company). The simple task of securing your files on either a virtual database, like cloud storage, or a physical database, like a USB drive, will grant you access to your information in cases of cyber threats, as well as accidental deletions and power outages. 
    2. Install Security Software
    According to Tessian (a human layer security company), 88% of cybersecurity breaches are the result of human error. In other words, most cyber attacks take place because of the unintentional actions of employees, such as clicking on malware or using a vulnerable password. A Google/Harris poll found that 65% of people use the same password across all or multiple sites, making it easy for hackers to access workplace systems.
    Downloading security software can help prevent these mistakes from occurring. In addition to anti-virus software and firewalls, it's advisable to set up spam filters to protect against phishing campaigns.
    3. Use Encryption and MFA
    Encryption is a technique that encodes information, making it impossible for hackers or anyone outside of your workplace to consume your data. The number of businesses that utilize encryption is on the rise, with nearly 50% of companies claiming to encrypt their data in 2020. 
    While encryption is a strong line of defense, it should not be your only one. Businesses should take advantage of multi-factor authentication (MFA) to prevent cybersecurity breaches in the first place. MFA requires extra information, such as a unique code sent to a mobile device, to protect against hackers.
    4. Protect Against Internal Threats
    Verizon claims that 30% of data breaches come from internal actors. While you can do your best to hire trustworthy employees, it's impossible to verify the reliability of every single person you hire. Methods to prevent internal breaches include:
    • Outlining strict computer policies (forbid employees from bypassing firewalls)
    • Installing IDS (intrusion detection systems)
    • Changing passwords frequently (and especially when employees leave)
    In just the past two years, the number of internal cybersecurity breaches has escalated to 47%, according to The Ponemon Institute, making it more essential than ever to implement these policies and changes.
    5. Create An Incident Response Plan
    When it comes to physical emergencies, such as fires, most workplaces have a plan in place. However, an IBM study found that an overwhelming 77% of organizations do not have a response plan ready when it comes to cybersecurity. Considering that, according to a Black Hat USA survey in 2019, 65% of business leaders predict the occurrence of a security breach in their organization in the coming year, you should have a protection plan ready.
    An incident response plan (IRP) is a set of instructions designed to help recognize, address, and recover from network security threats. In short, an IRP calls for creating a list of responsibilities for team members, summarizing technologies that the team should use, and detailing a data recovery process.
    The main purpose of an IRP is to detect a cybersecurity breach as soon as it happens. In the unfortunate incident that employees fail to prevent the breach, knowing about the incident can lead to a smoother and swifter recovery. Believe it or not, in a 2016 Bitdefender survey, 74% of companies reported that they didn't even know how hackers gained access.
    Cybersecurity Resources
    The fact that we can't physically see cyber attacks doesn't make them any less dangerous. A single data breach in the United States can cost a company over $8 million and expose employees’ and clients’ personal information, hurting the brand itself and the people behind it. That's why it's more important than ever to take steps to secure your business against cybersecurity breaches.
    Learn more about cybersecurity resources by visiting these BBB tips on cybersecurity.

    Photo Courtesy of Getty Images

    BBB of Northwest Florida
    912 E. Gadsden Street
    Pensacola, FL 32501
    Tammy Ward, Communications Director
    tammy@nwfl.bbb.org, (850) 429-0002