Cyber Security Tips - Week 1: Cyber Security Starts at 'The Top'
If you aren’t ‘cyber savvy,’ then it’s time to hire an IT consultant who can serve as your advisor regarding a cybersecurity strategy for your company; no matter how big or small your company may be. No matter the size of your company, your business is vulnerable to a cyber-attack. And, chances are, unless you have a ‘top notch’ cyber expert already, no matter what you alone have done in the way of prevention, it simply isn’t good enough to prevent an attack from being successful. You may have current antivirus software, a hardware firewall, and a lot of other 'hocus-pocus magic' you read about, and it still isn't good enough to keep you out of trouble if the cyber criminals really want to steal your stuff.
Those cyber criminals send out thousands of malware attacks into the internet, that are on the search for businesses just like yours, looking for weaknesses like an employee who will click on a unsuspecting link, or an unprotected port in your router, or that trusted assistant who will responding to a fraudulent email believing it's from you while you're on vacation. Next thing you know you have some form of malware in your network doing the dirty work it intends to do. It may be stealing social security numbers from your payroll data, or EIN numbers from your vendor files, or bank and credit card numbers from your accounting software. Even worse, it could be encrypting all your files to prevent you from using them in order to execute a Ransomware attack and demand thousands-of-dollars from you just to get your data back.
According to an annual IBM data breach report, data breaches cost companies $3.86-million on average in 2017, and these numbers are on the rise based on preliminary indicators from 2018. It’s critical that the emphasis for cyber security begins at the very top of a business; company leadership with either the corporate officers or business owners must believe that it is essential to have a strategic plan to avoid cyber threats. They must then be willing to spend just as much on cyber prevention as they do for any other risk, such as general or specific forms of liability.
Operations officers must be especially aware of the importance of cyber threats and prevention. Statistics show that their positions are highly vulnerable to aftermath of a cyber-attack because business owners and corporate leaders tend to hold these 'Operations officers' responsible for the results. They place the blame on their subordinate and force them out, rather than recognizing their own abrogation of responsibility to provide the appropriate corporate or management commitment and resources.
Until there is truly a real understanding and investment in cyber prevention and security, starting at the very top and working its way down through the entire business, no matter what the size, every business will remain vulnerable to today's growing cyber threats.
Be sure to be on the lookout for my next 'cyber security tip' next week.