Cybersecurity for your business has a methodical approach – one that works just about every time.
Did the University of Calgary want to pay $20,000 for a ransomware attack? Did Swiss Chalet expect to temporarily close some locations and offer reduced services in others due to a malicious malware attack to a computer system? Did FedEx anticipate a $300,000,000 hit on its operating results?
The reality is that most businesses often falsely feel “protected” simply because they have not yet been attacked. However, another reality is that 43% of cyberattacks target small businesses and 60% of those businesses attacked by cybercriminals end up going out of business. Taking the right steps to keep your data and business safer is crucial – now more than ever!
Businesses need to have a cybersecurity strategy. In this blog, we will discuss three pillars of cybersecurity: Protection, Detection, and Response.
Often, businesses are on the reactive side when it comes to their business security, when they should really be more on the proactive side. Businesses do not act to protect themselves, their data, and assets until they are targeted. No matter what kind of business you have, you have valuable data and assets that cybercriminals want and can use against you. By taking steps to protect your business from data breaches you are also protecting your greatest assets – your customers’ trust and the reputation of your brand.
The types of data that are commonly at risk include:
|Employee information and records|
|Customer and client information|
Now you may be thinking, “That’s great – I’m vulnerable and my security isn’t at par – what can I do to be proactive?”
Below – Cyberthreats by the numbers from users, from Microsoft 365 Security & Compliance For SMB
There are many affordable strategies for better protecting your company and data:
|Add a layer of security when you log in:
|Back up your data regularly with cloud storage like OneDrive for Business.|
|Use strong passwords and change them regularly.|
|Migrate threats from lost or stolen devices by using an operating system that supports device encryption – like Windows 10 Pro which has an easy-to-use built-in BitLocker encryption system.|
|Keep your operating system and applications up to date.|
|Use antivirus software – if you have Windows 10, you already have the latest antivirus protection automatically with Windows Defender.|
As data becomes increasingly valuable, hackers are becoming more sophisticated. The first step of recognizing known threats and tracking emerging risks can essentially save your business.
|Phishing||Scams that try to steal your personal information or money. They “fish” for your information.|
|Ransomware||Restricts access to data by encrypting files or locking computer screens to extort money from victims (by asking for a “ransom”).|
|Tech Support Scams||Online scams that try to lure you into contacting fake tech support and then try to get you to pay for service/software.|
Here are some warning signs and methods to detect cybercriminal activity:
|Suspicious email address|
|Generic salutation, not your name|
|Alarmist messages or threats|
|Misspelling or errors|
|Offers too good to be true|
|Act to Protect|
|Protect, contain, and isolate your high-value assets|
|Back up your most important files regularly|
|Be suspicious of cold calls|
|Use your browser’s pop-up blocker|
|Have an information security policy|
Human error is one of the biggest cybersecurity risks. Your business must educate employees so they know how to spot the red flags for common cyberattacks, and understand the importance of data security.
Below – Cyberthreats by the numbers from emails, from Microsoft 365 Security & Compliance For SMB
The cost of data breach is about 6 million dollars in Canada alone. Getting hacked can force a small company out of business – the stakes are simply too high. But there are steps you can take to respond to the incidents rapidly and appropriately.
Steps to take if you have been hacked:
|1) Get help: legal and technical|
|2) Assess the damage|
|3) Address any reporting obligations|
|4) Depending on the situation, contact law enforcement|
In the event of a data breach, you have to respond quickly and appropriately in order to minimize the damage to your business. Notify affected parties promptly and be sure to comply with relevant regulations in your industry and jurisdiction.
If you have concerns about your level of cybersecurity, please contact us.
If your business experiences these red flags, your diagnosis is clear: time to adopt the cloud!