The Hidden Costs of a Data Breaches
Data breaches happen all the time. From ransomware to business email compromise, businesses are predicted to lose 10.5 billion dollars to cyberattacks per year by 2025. Do nothing and it’s only a matter of time before hackers strike. Fortunately, there is much you can do to harden your business to attack. Follow CyberHoot’s advice below to protect your business from harm and improve your chances of withstanding cyberattacks.
CyberHoot Advice:
- Train your employees on the common attacks that are out there. From weak passwords and password managers, to the importance of multi-factor authentication and how to spot phishing attacks. Awareness is the key to defending your business.
- Govern you employees with cybersecurity policies including Acceptable Use, Password, Information Handling and a Written Information Security Policy.
- Establish cybersecurity best practice processes such as a Vulnerability Alert Management Process (VAMP) and a Cybersecurity Incident Management Process (CIMP) to guide and require action in the face of an emergency. Then move on onboarding and offboarding processes, SaaS management processes, and 3rd party risk management.
- Establish strong technical protections including: a Firewall, antivirus, anti-malware, anti-spam, multi-factor authentication on all critical accounts, Enable full disk encryption, manage the keys carefully, and most importantly, adopt, train on and require all employees to use a Password Manager.
- Finally, train employees on how to spot and avoid phishing attacks. CyberHoot has released a disruptive method of Phish Testing the fills in gaps in your employees knowledge without punishing them for failure. Instead we reward them for success. More info is available here.
While the FBI states there are two types of businesses:
- Those that know they’ve been compromised. and
- Those that don’t know they’ve been compromised
CyberHoot believes that for many small to medium sized businesses and MSPs, you can greatly improve your defenses and chances of not becoming another victim of cyberattack if you follow the advice above.