Cyber Security: How Do I Protect My Business From a Data Breach

CYBER SECURITY: HOW DO I PROTECT MY BUSINESS FROM A DATA BREACH

By Patrick Logan, President and Certified Computer Examiner

What is Cyber Security?

Cyber Security (or Data Security) concerns the protection of data from accidental or intentional, but unauthorized modification, destruction or disclosure through the use of physical security, administrative controls, logical controls, and other safeguards to limit accessibility.

Why Worry About Cyber Security?

Most small businesses take the attitude of “Why would anybody care about our data? We are just the little guys.” The problem is that hackers tend to target small businesses because they do not have the resources to implement high-end cyber security protection and they do not think they would be a target because they are small.

According to the recent reports, 61% of breaches in 2017 were of small businesses, up from the previous year’s 53%.  Small businesses store not only their own critical data and information but also customer records like credit card and social security numbers, vendor information, customer lists, passwords, and much more.

 

Top Cyber Security Threats for 2018

Social Engineering Attacks are how hackers and data thieves cleverly access your secure information through phishing, impersonating other companies and people, and other common tactics.  It is estimated that phishing attacks cost U.S. businesses more than $5 million each year.

Ransomware is a relatively simple form of malware that breaches defenses and locks down computer files using strong encryption.  Global cost damages from ransomware exceeded $5 billion in 2017, up from $325 million in 2015.  Experts expect the number of cloud-based ransomware attacks to greatly increase in 2018.

IoT Attacks will continue to increase.  While IoT devices have many uses and are designed to make life easier and simpler, they connect to the Internet and are vulnerable to bad actors if proper security measures are not in place.  It is estimated there will be over 20 billion connected “things” by 2020, each representing a portal to the network which can be hacked or compromised.

Data Breaches are confirmed incidents in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion. According to a recent study, 500 million records had been exposed by data breaches in 2014.  By July 2017 that number was closer to 6 billion records.

 

How Can Data be Better Protected?

Strong Passwords are at least eight characters long and contain a combination of upper and lower case letters, special characters, and numbers. (See below for additional password tips.)

Computer Maintenance and software updates are perhaps one of the most important data security tools the everyday user needs.  Hackers can exploit weaknesses found in computer programs that security updates can prevent.

Data Encryption translates data into another form so that only people with access to a secret key or password can read it.  The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the Internet or other computer networks.

Security Testing and regular vulnerability assessments by certified technology experts are a must.  This testing can provide a comprehensive and prioritized view of what should be done to best protect data from attacks by cyber criminals.