The COVID-19 pandemic has brought about many changes in many areas, including cybercrime tactics. As many companies shift to permanent remote work and hybrid work-from-home models, they must find ways to ensure their sensitive business information is protected. Here are some ways you can reduce your company’s risk of falling victim to a cyberattack.
ASSESS YOUR RISKS AND UNDERSTAND THEM
Companies of all sizes can be targeted for cyberattacks. These are a few of the common tactics and tools criminals use to obtain your company’s sensitive information:
- PHISHING: If you’ve ever received a suspicious email from “your boss” needing assistance with an urgent task, chances are, you may have been a target of a phishing scam. This is when cybercriminals send emails claiming to be from reputable companies or people, including people you know, in an effort to get individuals to reveal personal information such as passwords and credit card number. Phishing emails comprise a large portion of the world’s data breaches and are especially common among small businesses.
- HACKING: This is when cybercriminals break into your computer to gain access to your private information. Anyone with an Internet connection can be targeted by hackers and an unprotected computer is like an open door for them. They can gain access to all your usernames and passwords, steal your money, ruin your credit, steal your identity, and even sell your personal information.
- MALWARE: Malware is a contraction for “malicious software,” these include viruses, worms, spyware, adware, and ransomware, all of which are designed to damage your computer, server, and/or network. Hackers will sometimes use malware to infect your computer and access private information. In the case of ransomware attacks, a cybercriminal will hold important or sensitive data for ransom.
MAKE SURE YOUR NETWORK IS SECURE AND YOUR SOFTWARE IS UPDATED
Conduct regular security checkups to make sure all your software is up to date. It might seem cumbersome to constantly update your computer software, but this is critically important because updates address security flaws that could lead to a data breach. Updates are required as cybercriminals find new ways to get your private information. Keep track of all the software your company uses and make sure to remove sensitive information from devices and software that is no longer in use. Turn on filters to keep spam emails out of your company inbox and make sure to update your passwords on a regular basis.
TRAIN YOUR STAFF AND HAVE A DATA BREACH PLAN
Your employees can be your first and last line of defense in the event of a cyberattack. Make sure everyone in your company knows how to identify and avoid cyberthreats. They should know who they should report the suspicious activity to when it happens. Also, make sure to remind your employees to change passwords, back up their files, and check the data breach detection tools on their computers on a regular basis.
CONSIDER CYBER INSURANCE
As more businesses rely on digital presence and remote work, it is worth considering a cyber insurance policy to help cover financial losses in the event of a data breach. If you are in the market for a new policy, make sure you fully understand what it covers. These are some risks to consider:
- LIABILITY: Your company may be liable for costs incurred by customers as a result of a cyberattack. How much will the policy cover?
- SYSTEM RECOVERY: Does the policy help cover the cost of repairing or replacing computer systems?
- REGULATORY FINES: If your business failed to meet federal or state compliance requirements, you could be subject to fines. Does the policy cover them?
- CLASS-ACTION LAWSUITS: These are common when there’s a large-scale data breach, will the policy help cover your attorney’s fees?
To learn more about FICOH’s cyber liability product for commercial customers, contact your independent insurance agent or find one here.