A few years ago, a colleague of mine reported that his PayPal account had been hacked. The cybercriminals pretended to be a client and tricked him into downloading a keylogger, so when he sent an invoice, they managed to steal his password and empty his account. As terrible as this was, things are a lot worse for a lot of other businesses that suffer security breaches. Many of them don’t survive.
There are plenty of horror stories of companies that went bankrupt after getting hacked. In June, a large debt collection company had to shutter its business after a partner company was hacked. Retrieval-Masters Creditors Bureau Inc. reported that its assets were worth over $10 million when it filed for bankruptcy in New York. It was very significant that a company this size would file for bankruptcy after getting hacked.
Unfortunately, many business owners don’t take these threats seriously. The average business owner works at least 50 hours a week. They have so many responsibilities that certain things fall under the radar. Digital security is one of the facets of their organization that does not receive the priority it should.
Many businesses don’t appreciate the importance of online security until it is too late. They might focus more on improving their cybersecurity if they knew the harrowing statistics about data breaches.
Online Security Shortcomings Can Cripple a Business
Online security breaches are a terrifying reality for most businesses. One study found that only 40% of businesses that fall victim to a major data breach will survive for more than six months.
Some companies might still feel that the risk is minimal. They might realize that 60% of companies fail after getting hacked, but still don’t feel that the risk of being hacked is high. However, one study showed that 85% of companies reported having their security systems breached.
Fortunately, most of these companies had adequate security in place, so they were able to contain the damage. The companies that failed to take the right precautions suffered a much higher failure rate.
Every business owner needs to be realistic about the threats that hackers pose to their livelihood. They need to take all reasonable precautions to minimize security threats to stay in business.
We spoke with some experts from Imperva on the cybersecurity risks that businesses face. They stated that business owners need to understand the steps that they need to take for data loss prevention. They also shared some great cybersecurity tips, which we listed below.
Set aside your preconceptions about hackers
A lot of pop-culture movies have mythologized hackers. They have created a dangerous stereotype about them, which causes business owners to let down their guards.
When you think of hackers, you are probably imagining a wiry geek living in his parents’ basement. You probably don’t expect them to be socially sophisticated. This assumption can put you in a vulnerable position.
Modern hackers tend to be clever sociopaths with advanced social skills. They use complicated social engineering scams to dupe their victims into providing details. Murray Goldschmidt, COO of Sense of Security discussed this trend in an article last summer:
“Phishing is the most common form of social engineering and the way cyber criminals gain access to a network. Essentially, hackers trick an employee into trusting them enough to allow network access. As an example, a hacker might spend a few months researching an organization, its structure and the employees within it to figure out the best target and method of approach. These methods could look something like a fake email mimicking that of a company executive, requesting urgent payment of an invoice,” Goldschmidt wrote.
You need to be aware of the complicated social engineering stands that hackers use these days. You will have an easier time defending your company if you don’t underestimate them.
Goldschmidt pointed out that 73% of social engineering attacks were coordinated against careless employees with little technical experience. This underscores the importance of teaching employees about the risks of social engineering and cyberattacks.
Compartmentalize your business and personal information
Too many business owners use their personal email addresses, financial records and other accounts for business purposes. There are a number of reasons that it is a bad idea to comingle them. Your accountant has probably warned you about using the same financial accounts, because it can raise red flags for tax purposes and make reporting more difficult.
However, a few people talk about the security risks of using the same accounts for business and personal purposes. Paul Ewing of the Prosperity Advisory Group is among the experts that has actually raised this concern. Ewing writes that one of the biggest issues is that hackers will have a much easier time finding information about your personal life. They can use this information to reset your security questions and then have full access to your accounts. You also will probably be sharing your personal email accounts with family members that might not be as informed about security risks. The last thing that you would want is your spouse or teenager unwittingly downloading malware from your email account and giving hackers access to your password.
The best approach is to use separate accounts for business and personal reasons. It might seem like more work to set it up at first, but you will save yourself a tremendous number of headaches down the road. More importantly, you will minimize the risk of suffering a security breach.
Instill a sense of urgency among your employees
Your employees need to understand the necessity of cybersecurity. You need to make sure that they are adequately trained to avoid social engineering scams and malware that could put your entire company at risk. You need to let them know that their job security depends on the sustainability of the company. Since nearly two-thirds of companies go bankrupt within a few months of a data breach, they could put themselves and all of their coworkers out of Jobs by filling to protect the company from hackers.
You should probably consider having a cybersecurity expert train your employees about these risks. You can either have an expert in house or outsourced to a seasoned professional. They can communicate the best online security practices to prevent data breaches.
Make sure that all of your malware protection software and firewalls are regularly updated
I spoke with a white hat hacker at a web and interactive media professional group a few years ago. He made a good point about the mindset of black hat hackers. He said that they will weigh the cost of penetrating a system against the reward for doing so. The cost of trying to hack a company with an excellent digital security infrastructure is going to be a lot higher and most hackers aren’t going to make the effort.
You will want to keep your malware protection and firewalls up to date. They are your first line of defense against data breaches.
Don’t let your company become another Statistic
Online security is something that most businesses don’t think about until it is too late. Sadly, over half of businesses don’t survive a data breach. You don’t want to become one of them. You need to take all over half of businesses don’t survive a data breach. You don’t want to become one of them. You need to take all possible measures to protect your business against cyber criminals.
Ryan Kh is an experienced blogger, digital content & social marketer. Founder of Catalyst For Business and contributor to search giants like Yahoo Finance, MSN. He is passionate about covering topics like big data, business intelligence, startups & entrepreneurship. Follow him on twitter: @ryankhgb.