Each year around 60 million US individuals experience identity theft, often by way of data stolen from a company they do business with. The US continues to be the number one target, but India and Japan aren’t far behind.
According to South Florida IT specialist, Ilan Sredni of Hollywood’s Palindrome Consulting, a data breach now costs the average company nearly $4 million.
Cybersecurity risks are real and as businesses, we need to protect ourselves. But often cybersecurity strategies feel complicated and out of reach for the small to medium business. The truth is, they’re neither. Cybersecurity can be simple, affordable and effective. These “too simple” strategies may surprise you.
- Communicate with Employees: What’s the Risk?
Your employees are your front line in the fight against cybercrime. So building a culture of cyber safety is vital to the health of your business. Invest in at least an annual training where you share:
- What’s at stake
- Common tricks cybercriminal use
- Safety protocol
- How to report an attempt
Simple education will reduce the risks of a successful attack. While cybercriminals are always trying new things, people still fall for the simple techniques if they don’t know about them.
- Have the Right Tools in Place
Employees will inevitably fall for these tricks because cybercriminals are clever. So we also need to have technology that reduces the risk of something actually getting through. This includes things like:
- Spam filter
- Identify Vulnerabilities
Part of risk management is knowing the risks. But some risks are more obvious than others. To understand cyber threats, we need to stay informed about how they operate. Only then can we put systems in place to block their attempts.
- Have a Strong Password Policy & Enforce Compliance
What can we say? Our drive for what’s convenient overrules our best judgment most of the time. That’s why 73% of people use the same password on multiple sites. 50% write down passwords. 30% of people share their passwords.
You’ve told employees not to do these things. But policies aren’t enough. You need to help employees do better by:
- Sharing how to create a strong yet memorable password
- Forcing password changes frequently
- Only allowing strong passwords
- Never asking for an employee’s password
Lead by example. If people in positions of authority coerce employees to give their passwords, you create complacency with password sharing. And that’s all a criminal needs to gain access to your systems.
- Conduct a Cybersecurity Audit
Reevaluate whether your current methods still work. Cybersecurity risks are always evolving. So cybersecurity strategies must also adapt.
Who do you have in place to reduce your risk? How invested are you in employee education? Do you have the right technology in place to stop malware? Do you have a proper backup that would allow you to continue business as usual even if you were attacked?
Cybersecurity strategies don’t have to be complicated. They just need to be thorough and easily monitored for compliance.