Businesses across every industry sector are vulnerable to cyber risks, as they increasingly collect more valuable and sensitive data such as company proprietary information, customer names and credit information, employee personal information (Social Security numbers), and more. But as the risk of cyber incidents increase, many businesses are not taking heed with cyber security measures. A report from McAfee cites a whopping 90% of small- and medium-size businesses don’t use data protection, and fewer than half secure company email to prevent phishing scams. According to the FBI, criminals made off with at least $676 million last year from a type of phishing scheme where attacks are designed to trick company executives or accounting departments into sending money to fake vendors via email that appears to be legitimate.
Why are so many companies not stepping up their cyber security game? Some believe their businesses are too small to be a target while others think cyber security requires too much work or money to manage. But the fact is that leaving data vulnerable to a hack or some other attack is a mistake a business can’t afford to make. Take a look at some recent stats you can share with your business clients:
- 35% of business owners said they could not remain profitable for more than three months if they permanently lost access to essential data. (Better Business Bureau)
- 22% of small-to mid-size organizations have lost a company-issued device. (Dell)
- 4,000-plus ransom attacks on business networks and home computers occur every day, according to the FBI.
- One of five businesses has reported being a target of a cyber attack. (Better Business Bureau)
- 63% of all network intrusions are due to compromised user credentials. (Microsoft)
- 45% of employees across organizations have admitted to engaging in unsafe behaviors that could compromise data. (Dell)
Having strong cyber security protocols and measures in place is an essential component for effective business risk management. This includes:
- Implementing advanced email filtering, which can prevent the threat before it reaches the end users, such as blocking emails, scanning attachments and links, and removing any threats.
- Ensuring users implement powerful passwords:
- Having cyber security awareness training as a requirement for new employees during their onboarding process.
- Enabling two-factor authentication, which adds another zone of protection after a user’s password.
- Updating the company’s operating system. Keep software updated and download security patches when they are updated.
- Encrypting files and portable devices.
- Increasing backup frequency for proper data protection.
- Conducting routine security assessments to keep all parties accountable for the security requirements of the business.
In addition to these measures, businesses should also carry Cyber Liability insurance to cover the cost of a potential breach. Cyber insurance will respond to cover regulatory claims, business interruption & digital asset restoration, cyber extortion, multimedia liability and privacy breach. Security breach response covers costs associated with notification, credit monitoring services, IT forensics, legal guidance and public relations.
For small businesses, you can obtain Cyber insurance quotes in minutes on the RPS e-Commerce platform by completing a short and simple application. For larger businesses, please contact an RPS professional.