Overlooking cyber security can cost businesses big, and states are noticing. New York is the first state to propose cyber security regulations. The degree of cyber security required varies per business, but your business will be fined if you don’t comply. Organizations must implement cybersecurity policies, have policies in place for confidential information disposal, review and limit access to documents, conduct risk assessments, and have policies in place to secure information to third parties3. Depending on your classification, some businesses must also employ cybersecurity personnel, have a Chief Information Security Officer, encrypt data, have an audit trail, implement multifactor authentication, and have vulnerability assessments3. New York realizes the impact and importance of cyber security and is helping protect its businesses.
Cyber attacks are not something to be taken lightly. Your customer’s information can be breached and put into the heads of those with a malicious intent, or installed malware can cause any data inputted to be recorded. This means that your customers credit card information can get into the hands of someone planning to use that credit card for their own personal gain. Unfortunately, small businesses don’t see it as a large enough threat to take preventative measures for.
According to Visa, 95% of its credit card breaches are against their small business customers.
Small businesses are a large target to many of the cyber security threats: hacking, physical retrieval of information, and malware. 43% of all cyber attacks are targeted towards small businesses1 due to their lack of resources and vulnerable websites. According to Visa, 95% of its credit card breaches are against their small business customers. Cyber attacks can be a major setback for small businesses – a single attack can cause upwards of $1 million in damages1, and can cause a business to temporarily shut down while the after effects of the attack get smoothed out. Of the businesses who have been a victim of an attack, 60% of them go out of business within 6 months1. Only 14% of small businesses consider themselves prepared for an attack – are you one of them?
Fortunately, there are small steps you can take to prevent and protect your business and your customer from cyber attacks:
- Educate employees on how to handle sensitive data – employee training is paramount, and oftentimes companies do not invest enough time, attention and energy into providing that type of training to employees about keeping company information confidential. A simple refresher course can reinforce the importance of this area
- Require employees to frequently change passwords
- Install an antivirus and antispyware on all computers. Allow automatic updates.
- Use a firewall and encryption software
- Set up access restrictions for sensitive data – and password protect spreadsheets
- Lock computers and laptops when not in use – Time outs and “Windows Key+L”
- Verify with banks that you are using the most trusted and validated anti-fraud services
- Invest in a Cyber Liability Insurance policy – Cyber Liability insurance will protect your business from breaches and leaks as well as provide coverage for laptops and electronic equipment.
Cyber security is an issue that should be taken seriously by every business. While small businesses are a large target for cyber attacks, you can take precautions to keep your business protected.
For more information on Cyber Security, check out this infographic from BOLT Insurance