Click Here to Watch a FREE CTSi CyberSecurity Webinar.
It sent shockwaves throughout the business world: Equifax, one of the three largest credit-reporting agencies responsible for managing millions of consumers’ credit data, announced last September that they had been hacked. Sensitive personal information for over 140 million U.S. customers was suspected of being compromised. Big businesses are not the only victims of cyber crimes like this, and the statistics relating to these crimes are chilling:
- 40% of all malicious attacks target small to medium-size businesses (SMBs).
- Approximately 50% of all SMBs have experienced an attempted data breach within the last year.
- 60% of all SMBs that experience a successful cyber attack are unable to survive the first six months following the event.
Welcome to the Dark Web
The term “Dark Web” sounds like something lurking in the shadows of a fictional spy novel, however, it is far from fictional. It’s a place on the Internet where illegally acquired data is bought and sold. Customer, employee, and vendor data, as well as business information, e.g., trade secrets, client lists, and strategic marketing plans, are like gold for the hacker.
No One is Immune to AttackSome of the most highly targeted business sectors include:
- Construction and manufacturing
- Professional and legal services
- Financial institutions
- Real estate
- Educational institutions
- Architectural and design firms
- Government agencies
- Travel and transportation firms
- Retail and consumer-products companies
- Utility companies
The Reality of Risk to Your Company
If your company has experienced a data breach, then you know fear is warranted; if you haven’t, it’s not a matter of if an attack will occur but rather when. Cyber Security is no longer optional. In today’s business environment where digitization and mobility are increasingly necessary, the more digital and mobile we become, the more vulnerable we are to cyber attacks.
The vast majority of cyber attacks are the result of human error. These security breaches include:
- Phishing attacks resulting from opening a fake email or visiting to a harmful website;
- Password theft resulting from the use of weak passwords or passwords thats are also used for personal accounts;
- Ransomeware, where a company’s data are held hostage through encryption until a ransom, often equaling thousands of dollars, is paid;
- Other Point-of-Entry attacks, such as through mobile devices and the use of unsecured WI-Fi networks.
The Cost to Your Company
The harsh reality of a data breach is that while your company a victim of a criminal act, it may also be held liable for damages incurred by your customers. Your legal responsibility to protect your data extends beyond your computer. It also includes other data formats, e.g., paper copies, and microfilm, even if the information has been transferred and is no longer stored on your computer.
In the event of a serious data breach, a company can typically expect tangible costs ranging from tens of thousands to hundreds of thousands of dollars. These costs cover a variety of necessary services, including:
- Investigative services to verify the existence, nature, and scope of the breach;
- Corrective measures to halt the breach;
- Recovery services to restore your data and systems, and to prevent the breach from recurring;
- Legal services to protect your company from resulting litigation.
There may be additional costs as well, both tangible and intangible, including:
- Possible civil judgments and fines;
- Immediate and long-term loss of sales;
- Loss of employee productivity;
- Loss of customer trust and loyalty;
- Long-term damage to your brand value and market position.
Virus Protection Isn’t Enough
According the FBI’s most recently released Cyber Crime briefing, the number of reported cyber attacks against businesses is expected to rise in coming years. Hackers are constantly adapting and changing their tactics. This requires a multi-vector strategy to data security that addresses all access points. In addition, your technology users need to be adequately trained to avoid making very costly mistakes.
If cyber security hasn’t been on your radar, it should be. Yet, it’s understood that as a business owner or manager, there are many more things you need to focus on other than constantly worrying about your data being hacked. There is a reasonable approach to cyber security that can free you to focus on your business and help you find peace of mind. CTSi uses a Multi-Vector Approach to anticipate, detect, and cut off hackers. We can help you implement your cyber security strategy.
Where should you start?
I’d recommend watching our recent webinar.
It’s free to watch and provides basic information both from a technological and legal standpoint so you can begin to understand your risk and make an informed decision.