Cybercrime is in the news once again, and the latest breach is the most brazen and shocking one yet. The size of the Equifax breach is notable in its own right, affecting an estimated half of all American consumers. But the truly sobering aspect of this situation is that the company affected was responsible, in part, with protecting the security of our sensitive information. The victim of this breach was a gatekeeper of sorts, the one we turned to if someone else was putting our data at risk.
The fact is, every company is vulnerable to being hacked. The large breaches make the news, but smaller breaches are being perpetrated every day. They may not make headlines, but they can turn a company's world upside down. Cyber security research shows that smaller companies face a disproportionately higher risk when it comes to the financial losses associated with a security breach. They are also less likely to have implemented preventative measures, even after they've been the victim of an attack.
While it seems staying ahead of hackers is akin to swimming upstream, there is a secret weapon -- your employees. Your employees should be the first line of defense for your company when it comes to cyber security. Here are some ways that you can reinforce your 'human firewall.'
Train all employees on cyber best practices.
Train new employees as part of the onboarding process, train current employees, and provide updated training at least annually, addressing new and emerging threats. Some issues to cover during training include:
- How to create secure passwords, and the importance of updating them annually.
- The importance of not sharing access to information.
- How to recognize and thwart phishing attempts, ransomware attacks, and other types of hacks.
- How to report any suspicious activity.
Create a written response plan.
Every company should have a detailed response plan to be followed in the event of a breach, and make sure everyone understands their role. If an attack is detected, your team should be able to move quickly into response mode. If you experience an attack, evaluate your response plan once the crisis is over, and adjust it as necessary.
Make security part of the company culture.
Everyone in your organization, from the owner or CEO to the part-time data processor, needs to be on board with your cyber security plan. And management's involvement is key -- the emphasis trickles down from the top.
Taking advantage of the human firewall is a low-cost, high-impact way to improve your business' cyber security and reduce the likelihood of an attack. Since hackers always seem to be one step ahead, it's also a good idea to insure your business against cyber-crime. A cyber policy, or a rider or endorsement on your existing business liability policy, will protect your company against the financial implications of a hack.
Cyber security should be a priority for every business. Improving your cyber-readiness will decrease the probability of an attack and improve the outcome if one occurs. If you can turn your employees into a human firewall, you'll be better able to withstand an attack.