Cyber Risk Readiness: The New Normal for Business

Posted by John Cofini on Tue, Nov 19, 2019 @ 01:19 PM

cyber-riskCyberattacks have become a part of daily life, but this doesn’t mean they’re becoming less of a risk. These days, no one is immune from the threat. Local governments are being hit with coordinated ransomware attacks, while the National Cyber Security Alliance reports that 25 percent of small- and medium-sized businesses file for bankruptcy after a cyberattack. To survive, your business needs to make cyber risk readiness the new normal.

Ransomware

There are many types of malware lurking on the internet, but ransomware stands out as a top concern. Once it infects a computer, it encrypts the files to make them unusable. The cybercriminals behind the attack demand a ransom to decrypt the files; however, there is no guarantee that the files will be restored even if the ransom is paid.

According to FBI, indiscriminate ransomware attacks have decreased since 2018 but losses have actually increased significantly. This is because ransomware attacks “are becoming more targeted, sophisticated, and costly.”

Data Breaches

Data breaches can be the result of malware and computer system vulnerabilities, but they can also occur due to employee actions and theft of devices. If your business experiences a data breach, reputational damage, lawsuits and regulatory fines can result.

According to the National Conference of State Legislatures, all 50 states have passed breach notification laws. Businesses are responsible for keeping their data safe and for taking prompt action if a security incident occurs. Know the laws in your state and be ready to respond to a breach. A good response can include both notifying consumers who have been affected and taking steps to assess and control the breach.

Business Email Compromise

Business email compromise is a type of cyber-enabled financial fraud that relies on deception rather than malware. An individual in a company may be targeted with persuasive but fraudulent emails and possibly phone calls in order to convince the target to make a wire transfer.

The FBI warns that business email compromise schemes have targeted businesses of all sizes and resulted in losses of billions of dollars.

Are You Cyber Ready?

Cyberattacks are a daily threat, so cyber risk readiness needs to be a daily priority.

  • Train your workers to recognize phishing schemes and to avoid clicking on malicious links. Also provide training and develop policies to avoid business email compromise schemes.
  • Keep your software updated with security patches and secured with anti-virus software. The FBI warms that cybercriminals can exploit vulnerabilities in software programs to take control of systems.
  • Use strong passwords, not default or obvious passwords. Change passwords as needed to ensure that people who shouldn’t have access don’t have access.
  • Consult a cyber security expert. While it’s important to make sure that every worker is aware of cyber risks on a day-to-day basis, a cyber security expert can make sure that your system is as secure as possible.
  • Encrypt files. Encryption can keep data safe is it falls into the wrong hands.
  • Backup files. If your files are encrypted by ransomware or otherwise lost, having a backup can ensure that your business can keep running.
  • Assume you will be targeted. Cyberattacks have become so common that it’s a question of when, not if. Create a response plan and purchase cyber insurance.

To learn more about this costly exposure, contact your BNC Insurance broker.

Tags: cyber risk, cyber risk readiness