Prevention is Key
When you purchase a cyber policy, you should maintain appropriate security measures to prevent a cyber incident from happening in the first place, as discussed in parts one and part two of this series. In this case the focus will be in actions you can take to reduce cyber risks.
Imagine an employee accidentally opens a link in an email. This link turned out to be attached to a downloadable compressed file (aka a “.rar”). This is secretly a piece of invasive malware that will leak all data available in every computer in your company since they are all connected. If they opened that download and you do not have any security measures in place, you would be a victim of a completely avoidable cyber-attack.
Why completely avoidable? Because there were many instances in which an attack could have been stopped.
For example: If your company had any IT (Information Technology) onboarding or internet security onboarding, employees would know not to open anything except the e-mails coming from trusted sources. Furthermore, if an anti-malware software were in place, it could have been stopped before too late. Also, there should be differentiated levels of access so not any employee can open any file.
“There are many instances in which an attack can be stopped. .”
Steps to Reduce Cyber Risks
There are no sure-fire ways to protect computer systems. Plus, there are exploits, points of weakness that can be discovered by hackers down the line and unveil vulnerabilities in systems already deemed secure.
Despite these shortcomings there are several things you can do to create a more secure environment:
- Installing, maintaining and updating security software and hardware or tighten your current security system.
- Contracting with an IT security services vendor or having an in-house IT dedicated team.
- Using cloud computing services: these store all their data on the internet and tend to have outstanding security measures in place.
- Developing, following, and publicly posting a data privacy policy.
- Regularly backing up data at a secure offsite location.
- Do not forget to update all it takes is a tiny hole in your system for hackers to poke their way in. It is critical to run regular scans and keep everything up to date.
- Protect outbound data. Just as you protect your system from incoming malware with a firewall, you need to make sure certain data never leaves your system.
- Raise awareness. It is important for everyone in the organization to be savvy and alert about security issues. Consider the following report from Verizon (https://enterprise.Verizon.Com/resources/reports/dbir/) 70% of the breaches in 2020 were caused by outsiders and 86% of them were financially motivated.
- Be smart about passwords: make sure every password is accounted for, and that each one of them are as strong as they can be. This also involves awareness since all employees should be in the known on how to make a password stronger and to use password managers which are even more secure.
- Encrypt data. All Personal Computers and personal information stored in databases and on servers should be encrypted.
Cyber-Insurance is a necessity
Although this article has gone over several resources and tips to ensure that data liabilities stay protected, there is no way to protect everything a 100%. Cyber Liabilities are always in danger because there are malicious people constantly evolving procedures to exploit whatever weakness they can find in software or around the internet. A good preventive strike is to have insurance for any cyber liability, of course depending on your business. Keep your business safe and stay protected. A big claim or series or claims could be difference between owning a business and going bankrupt.