Cyber security is a growing concern for businesses of all sizes. The recent high-profile data breaches at major retailers, as well as growing corporate security exposures, highlight the risks in our connected world. Any company that does business online could be at risk of cyber theft, which includes stolen funds and stolen customer/employee information.
Here are some recent facts about cyber security from Symantec Internet Security Report:
Small businesses experienced a 300% increase in cyber espionage attacks from 2011 to 2012.
Last year, the number of breaches was 62% greater than 2012.
The number of phishing campaigns increased 91% in 2012.
Estimates are that 30-40% of businesses will experience an attack.
Where is the Weak Link in Cyber Security?
Employees are the weak link in companies' security programs. Without training, people click on email links, release sensitive information and fail to secure personal devices that may store company property and assets.
Bringing your own device (BYOD), one of the biggest trends in business today, allows employees to use their own smart phones and tablets. Most small companies welcome the idea of employees providing their own device as a cost-savings measure. However, studies have found that 71% of companies do not have policies and procedures in place to ensure security of their digital assets.
Employee mobile devices are vulnerable to hacking, loss and theft. Studies show that 38% of mobile users have experienced mobile cybercrime. Employees store sensitive company information on their mobile devices, as well as passwords and login information. If an employee loses their device or gets hacked, your business can suffer and you may never even know the cause.
What Can You Do to Protect Your Business?
Cyber security risk and the BYOD trend are not going away. You can take time now to set up steps to protect your business.
1. Conduct a risk assessment. Know who uses each device and for what purpose. Be sure to find out about home computers if employees access your business remotely. Schedule periodic reviews of this information.
2. Develop a security policy. We can find an IT consultant to help with developing these policies, since most IT departments are too busy with the day-to-day to look at overall security. Having an outsider also provides an objective review of the work done by your IT department.
3. Communicate. Make your Cyber Security Policy part of your Employee Training and update employees with any changes and updates regularly.
4. Enforce. Outline consequences for noncompliance and monitor employees' BYOD use. Make employees responsible for how they use your company information online.
5. Backup. Ensure you have infection and incident response procedures in place and regular backup procedures.
What Data or Asset is at Risk?
The highest risk for you and your business is that a hacker acquires your clients' personal information and sells it for anything from targeted advertising to theft. The market for personal information is the fastest growing industry in the world, outpacing technology itself. Your company's reputation is at stake if you don't take time to address potential cyber security issues. These are only some of the potential assets you could have at risk:
Contractor and supplier records
Proprietary Assets piracy
Reverse Engineering of products
Your business could be in serious risk of cyber security breaches. Follow the steps outlined here to protect your company and client information, and call us
to take further steps to improve your cyber security and keep your company safe.