Cybersecurity is becoming a very important topic for companies. According to a research compilation by Blue Corona from early 2018, 77.6% of SMBs use social media for their marketing strategy. Studies also sow that between 70% and 80% of people research a company online before interacting with it in any way. 51% of companies also rely on their website and 54% use email for marketing regularly. In short, the Internet is already a major part of the day-to-day processes of many companies and it will continue to become even more important.
Overall, there’s about a 23% rise in costs for businesses due to cyber attacks in 2017 and the average cost of a malware attack on a company is a whopping $2.4 million, an Accenture research shows. Just Ransomware damage costs in 2017 exceeded $5 billion which is 15 times the cost from 2015, based on a CSO Online research.
Long story short, cyber attacks are a very big issue for companies and are just getting started. So, keeping your company safe in the digital age might seem quite the challenge. Still, there are a few things you can do to lower the risks.
First, make a list of your digital assets and consider the dangers and risks. This includes how many computers and devices you use for your business, what and who uses them, how, when and so on. Also, note where and how the most important and sensitive data is stored.
Next up, create a plan for improving the cybersecurity and digital safety of your business, based on that list. This could mean a lot of actions that you have to take in a certain order.
- Separate sensitive data to an isolated computer or server. Or store it in an encrypted cloud service.
- Create user accounts with limited privileges for employees. For example, there’s no need for the store’s cashier to have an admin-level account with access to sales data or to install software.
- Make sure you have regular backups of all data, which are stored in a separate place and are encrypted.
- Make sure everyone is using unique and safe passwords.
- Keep the software you use updated, add antivirus software, firewall and additional protections as needed. You may also want to consult with a cybersecurity company, which will help you out in choosing the right solutions.
- Create and establish internal procedures for employees. For example, not to open attachment files in emails from untrusted sources, don’t browse untrusted websites from the company computers and so on.
If working online is a big part of your business, then you should invest even more in cybersecurity. This would mean additional training for all employees, setting up spam filters and establishing procedures to follow in the event of a cyber attack or a data breach. In fact, these are also required by the GDPR in the EU, so definitely make sure you’re up to par with the requirements.
Another important tip is to apply a “when, not if” type of mindset. No matter how good your cybersecurity measures are, there’s no 100% guarantee that your company will never be hacked. By having extra security measures in place, you lower the risk of a breach and the damages afterwards, while increasing the trust of your clients and partners.