Is your data safe from cyber thieves?
Cybercrimes are on the rise and the cyber black market has evolved from ad hoc, discrete individuals into a highly organized network of cyber hackers, operating in a multi-billion-dollar economy, per RAND’s recent report. With innovation and growth, the cybercrime market can be very profitable. Here are some basic essentials to include in your cyber security plan.
According to Ponemon Institute’s survey, in the past four years, the financial impact of cybercrime has increased by nearly 78%, and the time it takes to resolve a cyber-attack has more than doubled.
So, why is cybercrime so attractive to thieves?
The answer is simple.
Cyber crime is low risk and highly profitable. There is no risk of physical danger and all it requires is access to the internet. Cybercrimes can include stealing a company’s intellectual property, using passwords to get into a bank account, distributing viruses to other computers, or posting business information on the internet. In short, these are activities that could grind your business to a halt and cause a lot of frustration to consumers.
There is, however, a common misconception that high tech criminals are sophisticated, highly trained super-villains, capable of hacking into the most secure systems. This, ultimately, is not the case. While there are top-tier adversaries and malware toolkit programmers who pose threats, the majority of cyber criminals targeting businesses are opportunistic petty crooks.
These criminals often use some prety basic, low-tech means to gain access to your high tech systems and steal or misuse data for criminal gain.
Five simple and low-tech steps to a solid cyber security plan.
Follow these steps to deter cyber crimes, and thwart attackers from accessing your confidential information:
1. Identify critical information: What data is essential for your business to run? Do you have a legal requirement to protect certain pieces of information (i.e. Sarbanes-Oxley or HITECH statutes)? Knowing what data you have and what you need to protect forms, the bedrock of any information security plan.
2. Institute a ‘clean desk’ policy: Have employees clean their desks at the end of the day, and lock up any important documents. Most importantly, make sure users don’t write passwords on sticky notes and leave them near their computer.
3. Shred sensitive documents: Throwing business documents out with regular trash makes it easy for criminals to exploit the information. Instead, shred documents that contain sensitive data. For best result, use a micro-cut shredder that reduces paper into tiny pieces.
4. Eliminate unnecessary features: This is an essential step in network hardening. Have users remove programs and add-ons that are not directly related to their jobs. This reduces the ‘attack surface’ for active penetrations, prevents the introduction of malware and spyware, and has the added benefit of enhancing computer performance.
5. Train end users: Teach users about modern cyber threats and simple things they can do to protect data. For example, empower them to politely challenge unfamiliar people in workspaces. Make users aware of social engineering schemes, and coach users to never give their passwords to anyone -- not even an IT provider.
If you are spending money on advanced network security technology, without first implementing these basic cyber security steps, it is like buying a fancy alarm system for your house and leaving the door unlocked.
Is your data protected from disaster? Download the disaster preparedness white paper.
Need help planning or assessing your cyber security needs? Contact us at info@iCorps.com.
Photo courtesy: Forbes.com