Cyber Crime and Your Business
Another big business is in the headlines for its recent data breach in an already tough year. A Cruise Line was hit with a malicious program used by hackers to take control of files in an infected system and then demand hefty payments to recover them, all while they’re still struggling to regain profits due to the COVID-19 pandemic. Cyber-crime attacks can happen to any business, can cost millions in recovery, and can cause customers to lose trust in your company. So, what can we learn from mistakes of companies like this who have fallen victim to cyber-attacks?
1. Ransomware attacks are not the average crime
Criminal Hackers, unlike Professional Hackers, don’t wait until dark to strike. They (usually) cannot be caught on your surveillance cameras and know how to prevent you from finding them. They are incredibly smart and know how to navigate complex systems to exploit you for money. Taking simple steps can make it more difficult for them to access your accounts, thus making you a less-desirable target. Our suggestions:
Do not open links or plug-in unknown USB drives from unknown sources
Use strong passwords
- At least 6 characters (more is recommended)
- Use a combination of numbers, letters, and symbols (@, #, $, %, etc.)
- Use a combination of upper and lower case numbers
- Make sure your password does not contain words that can be found in a dictionary, or words that are important to you (i.e. your child’s, spouse’s, or dog’s name)
- Regularly change your passwords: we suggest changing at least once each 6 months
2. If your data is online, it is at risk
There’s a good reason that the United States’ nuclear arsenal used floppy disks to run their systems until 2019 – hackers can’t break into a floppy disk. If your data is stored on your devices that have an internet connection, there is always a risk for data breaches. And while data on the cloud is generally seen as guarded – it still has a risk for malicious attacks. Here are some additional precautions to take for you and your team:
Run Phishing Threat simulations with your team to ensure they do not open spam emails
- Running ‘practice’ rounds is a great way to make sure your team is reporting spam emails and those who do click on links can be educated on dangers.
Ensure all members of your team have active firewall and anti-virus installed and set-up properly
- To go the extra level, prevent your employees from downloading files/programs that are not company-related
Consider hiring a highly rated Networking/Security firm to make sure your company’s standards are up-to-par
3. You need a Risk Management Plan in place
A Risk Management Plan is a document that a project manager, or outside service, prepares to foresee risks, estimate impacts, and define responses to risks. This is essential in any business to make sure your bases are covered. A solid Risk Management Plan has 5 main components:
- The first step is to understand the risk your business has. Examples include IT risk, operational risk, regulatory risk, legal risk, political risk, strategic risk, and credit risk. You will then have them categorized by core risks and non-core risks. Core risks will be the ones you must take to drive your company’s growth.
Risk Measurement and Assessment
- This step will measure the probability of the risk occurring, and how badly it could affect your business. Some risks may be easier to measure than others. For example, with Cyber it can be harder to predict as they often strike without warning and have varying levels of damage.
- Once you have identified and measured your risks, you can now begin to reduce your risks to get to a healthy balance. Risk mitigation can be achieved through the sale of risky liabilities or assets, purchasing insurance, and/or risk diversification. Work with an outside source to help you understand the best options for your business model.
Risk Reporting & Monitoring
- As with everything in your business, it is important to stay on top of trends. While daily reporting may not be right for your business, we recommend businesses receive reports of their risks regularly and a qualified professional review and readjust their Risk Exposures often to prevent unbalance.
- This step will help ensure all your employees practice the Risk Management plan you have outlined for them. If you have a Standard Operating Procedure in place, but no one follows it, you are opening up your company’s and your customer’s data at risk. Defining employee roles and a committee to oversee procedures are being followed is the best way to prevent issues from arising.
While no business is completely safe from cyber-attacks, you can take these proactive measures to make your company less of a target. If you are looking for assistance with your Risk Management Plans or would like to reduce your risk with quality insurance, the DRS Team can help. Give our team of Insurance Experts a call at (321) 733-6253 or send us a message.
A significant portion of the United States is at risk every year from the damaging effects of Hurricanes. With the added challenges of the Pandemic, initiating the Disaster Preparedness Plan for your business may have slipped your mind. Remember, according to FEMA,...
Native Floridians know that while the official season starts in June, hurricane season usually ramps up in August. If you haven’t begun to prepare for this year’s hurricane season – now is the time!
The extra precautions you and your family need to make for the 2020 Hurricane Season. It's no question that 2020 will be a year we all will remember. It's normal to feel overwhelmed by the known Coronavirus world-wide pandemic, mass-flooding in Michigan, protests, and...