Cyber Liability: How To Protect Your Business
Cyber attacks have been in the news quite a bit as of late. Home Depot and Target both had major data breaches that compromised the credit card information of millions of customers. Sony
Pictures suffered a hack that leaked a massive amount of internal information and led to the resignation of its chairperson.
These breaches are bad for a company’s reputation, but they also have tangible monetary costs. Target recently reported that its hack led to over $160 million in expenses, and that’s before the outcome of a pending class action lawsuit by its customers. It’s estimated that cyber attacks cost businesses up to $400 billion a year.
Many small business owners don’t think they need to worry about cyber attacks. After all, hackers only go after massive companies where they can get millions of dollars worth of credit card information and other valuable data, right?
Actually, small businesses can be even more vulnerable to cyber attacks. Since they often don’t have the resources and expertise to secure their networks, criminals will target small businesses with simple attacks that can steal or even delete all their internal data. Here a few ways to keep your business protected from such an attack.
And these small businesses cyber attackes cost and average of $9,000 to a victimized business. Application security testers, Veracode estimate merely 41 percent of companies have the tools and resources to deal with a cyber attack.
Develop IT Best Practices
Developing IT policies can cost very little to implement, but can save your company thousands or even millions of dollars.
For instance, a small business can establish a clearly articulated employee guidelines instructing what files can be downloaded and which external websites they can access from their computers. Despite the simplicity of this, only 10 percent of companies do this, according to Symantec/NCSA.
Strong password protection, and e-mail filters to prevent phishing or other types of dangerous cyber attacks, can also be useful.
Most importantly, make sure to back up all your data. One of the most common cyber attacks against small businesses is known as ransomware. Ransomware is a form of malware that blocks access to your network and demands a payment in order to release those files.
Businesses without a backup for their data often have no choice but to pay the ransom since they can’t operate without all that information.
Stay Up To Date
Many businesses and employees neglect to update their software on a regular basis. After all, it can be a hassle to restart your computer, and if it’s running fine already you might not feel like an update is necessary. In reality, consistently updating your software is one of the most important steps you can take to prevent cyber attacks.
The companies that create the software you use are constantly discovering new flaws and vulnerabilities. The updates they put out are usually patches that fix an existing vulnerability, sometimes one that hackers have already used. Downloading these updates takes very little time and can be extremely beneficial.
The same goes for firewalls and antivirus software. The digital world moves at a lightning fast pace. If your firewalls and antivirus software haven’t been updated in the past year, they are most likely significantly out of date and vulnerable to known forms of cyber attacks.
Secure Your Most Obvious Vulnerabilities
Some small businesses are great about securing their networks and installing the most up to date software, but they leave themselves vulnerable to more simple types of attacks. Company laptops, smartphones, and tablets often contain a huge amount of sensitive data, and it can be easy for them to get lost or stolen.
It’s hard to regulate employee use of these devices outside of the office, so the best way to secure these devices is through proper encryption software. Encryption keeps anyone from reading the data on your hard drive without a password. Newer laptops and phones might also use fingerprint protection.
Remote wiping is another great way to secure these mobile devices. If an employee has their mobile device lost or stolen, a remote wipe can delete all the data so that whoever winds up in possession of the device won’t have any sensitive data at their fingertips.
No matter how proactive you are about cyber security, it’s impossible to be 100% secure. For one thing, cyber criminals are constantly coming up with new, unforeseen ways to find and exploit network vulnerabilities. For another, no one is perfect, and it’s virtually impossible to avoid making some mistakes that can potentially compromise your data. “It’s now more important than ever before, for small and medium businesses to get the right kind of business insurance to protect themselves from computer hackers,” explains Sam Meenasian, partner at Business Insurance USA.
There are a number of different insurance policies out there that can protect your business in the case of cyber attack. Some general business owner policies will include specific provisions protecting a business in the case of a cyber attack. Depending on your specific policy and business, you might need errors and omission insurance, which protects your company from liabilities arising from mistakes made by you or your employees, or even specific cyber security policies.
Choosing which policy is right for you requires an evaluation of the potential ways in which your business might face a cyber attack and the potential liability to your customers or business partners resulting from a breach. Small business owners might not want to pay the extra premiums for this insurance, but it’s highly preferable to the consequences of facing a cyber attack and being uninsured.