Do you know the early warning signs of a Data Breach?

According to a report release by released by the Identity Theft Resource Center (ITRC) and CyberScout, more than 1500 business were the victim of a Data Breach in 2017. The cost of these data breaches, according to a Cost of Data Breach Study administered by the Ponemon Institute, was $3.62 million. This amounts to more than a $5 Billion cost to the business community in 2017 alone. This is a risk that your business can protect by purchasing adequate Cyber Insurance, but there are additional steps that can protect your business from a data breach on a daily basis.  Here are six things every small business should do to prevent a Cyber Attack.

Data Breach Insurance is a must for all Small Businesses.

Hire people who know Cyber Security

If you are not technologically advanced, it is imperative that you hire someone who is and pay them well. The average price of a data breach is TKTKTK. Hiring a well-trained professional to protect your business is extremely important. Paying them a good salary is the best way to keep them from being poached by the competition.

To prevent a Data Breach, Watch for Unusual Behavior

If a computer program that you use daily starts acting up, investigate it for more than just a hardware or software malfunction. Any time there is an irregularity, check that system for any further compromises.

Investigate Suspicious Files

Any time malware is detected, or an employee reports opening a suspicious file, do not take any chances. In the American system of justice, defendants are innocent until proven guilty. Well in the realm of cyber security, it is always best to assume the system is infected until proven other wise.

Run Scans to prevent a Data Breach

Anti-virus and anti-malware programs need to be up-to-date. Someone within your business should run vulnerability programs to look for missing protections or other security risks.

Check Your Credit

Customer information is not the only confidential information on your businesses server. There is plenty of information about your your business and the employees.  If you are a small business owner you should keep a tight watch on both your business and personal credit history. A drastic change in either of these reports can show your business has been compromised.

Monitor Computer System Communication for signs of a Data Breach

Your or your IT representative should regularly monitor communication patterns on your network. If use see an employee’s computer transmitting large amounts of data, especially outside of the network, it could be a sign of a hack.

 

Examples of Cyber Attacks

Target, the IRS, Anthem BlueCross/BlueShield, Yahoo, and Ebay; these are just a few of the biggest data breaches over the past five years. When a person hears about a data breach in 2018, it is human nature to envision an IT Scientist cracking the code of an in-depth system of cyber security. Sometimes this is the source of a cyber attack, but many of the largest data breaches in history were started by something not highly technical. Here are some Examples of Cyber Attacks and how they begun.

Examples of Cyber Attacks | My Insurance Question

General Manager of a Professional Baseball Team uses a Weak Password

This actually happened between the Houston Astros and the St. Louis Cardinals when the Astros General Manager used the same user name and password in Houston that he had previously used when he worked in the Cardinals Front Office. Some employees from the St. Louis Cardinals Organization used this information to log in to the internal computer systems of the Houston Astros and obtained access to a database known as Ground Control, which was created by Luhnow. This database included details about confidential discussions within the Astros organization, player evaluations, trade recommendations, statistical information and more.

High-level Industry Executive uses the same password for all accounts

Many high level industry executives have extensive experience and expertise in their particular profession, but have only used computers for some or a small portion of their career. Many high level execs deal with interpersonal relationships between departments, partners and even competitors much more than the day to day operations of a business. For this reason they may not be as in tune with the risks a business faces in the realm of cyber security. These execs also have access to some of the most precious information a business may possess. This makes them prime targets for cyber attacks. In many industries there are many computer programs that require these execs to remember many different usernames and passwords. When you pair these accounts with all of the accounts these people have to use in their personal life, it is human nature to use the same password for multiple platforms. This makes it easy for hackers to find their password from one platform and use it to gain access to a bigger platform with more valuable sensitive information.

Salesman is travelling across country and has their laptop stolen in an airport

A few of the most common examples of cyber attacks are when an employee has a laptop stolen when they are away from the office. Depending upon the information saved on the device, it can be the source a hacker uses to start a data breach. Several data breaches have started when an employees laptop was stolen when their car was broken into and another occurrence happened at an airport while travelling for business. Bringing this to the attention of your employees when they use devices remotely will go a long way towards protecting your business.

Employee leaves the password to his computer on a post-it note attached to his desk

Leaving out a password in plain view can be a common way someone gains access to internal servers. Most offices have commercial cleaning companies in the facility after hours with little to know supervision. The people who work for these third party companies may or may not be ethical. Regardless it is imperative to not give them the opportunity to gain access to your internal computer systems. Many banks do monthly walk-throughs on unannounced days to find if employees are leaving sensitive information out on their desk. Depending upon the type of information your organization works with, this might be necessary for your business.

An employee clicks on an email that is actually a phishing scam

Phishing scams are a very common way for hackers to either install something malicious on one of your businesses computers or gain access to your internal servers. A phishing scam is when a hacker sends an email that looks legitimate asking the receiver to click on something within the email. Many of the emails look very authentic. There are businesses out there that can help you send out test emails to prepare your employees for a phishing scam. The company will send out an email periodically to see who will fall for the request. If the employee clicks on the link you are notified and you can go through additional training with that employee.