Cyberattacks cost organizations billions of dollars in lost time, data and reputation, One in five small businesses are estimated to suffer a cyber breach this year but 97% of these breaches could have been prevented with the right cybersecurity in place. In a recent webinar, BerganKDV technology consultants Rich Eckstein and Matt Hatting shared a checklist that organizations can defending themselves from an inevitable cyberattack.
1. Don’t wait on getting a security assessment completed for your organization. Many times, business owners or IT want to wait until they get their house in order a bit more before they have someone come in to evaluate their systems. Don’t fall into this mindset, get the assessment done now rather than later to give you a roadmap of what needs to be addressed and in what priority. One way to do this is by knowing your FISASCORE. BerganKDV offers this free assessment that will help you get an idea of where your organization is related to the health of your information security.
2. Spend some money on a decent spam email filter. A good spam filter for your email can weed out things like spoofing emails where someone takes on the identity of a key leader and sends emails internally asking for things like wire transfers of money. A good filter will recognize this email is coming from outside your organization and could potentially delete it before it gets to its intended recipient who could mistakenly act on it or click a malicious link.
3. Keep changing those passwords. Staff can sometimes not be too thrilled with coming up with those passwords that have several factors like an upper and lower case letter, a number, etc. but this is a good line of defense, especially when you are vigilant about requiring your team to update their passwords on a regular (at a minimum quarterly) basis.
4. Create human firewalls. Training your staff on all the cybersecurity risks out there can help your organization avoid an attack. Go beyond training staff on how to detect phony emails. Make sure to educate them on social engineering attacks, like social media or who is physically trying to getting into their work space.
5. Endpoint security. More and more employees are accessing their corporate networks from their personal wireless mobile devices, like cell phones and tablets. Each device with a remote connecting to your network creates a potential entry point for security threats. Having the appropriate endpoint security in place will help you ensure these devices follow an appropriate level of compliance standards.
Want to hear what else Rich and Matt covered? Start here to protect your organization from a potential cyber breach.