October 14, 2022
(Editor's Note: We take cybersecurity very seriously and in recognition of Cyber Security Month, we asked our Chief Information Security Officer Marc Machin to share some insights and tips that we hope you will find valuable and share. This was included in our bi-weekly client newsletter and we thought it would be worth sharing more broadly.) Cyberattacks. Cybercrime. Cybersecurity. These topics are all around us every day. Trying to stay ahead of the bad guys can be overwhelming. But we can't afford NOT to. Consider this:
The average cost of a data breach to small business can range from a few hundreds of thousands of dollars to millions of dollars
Over 50% of all cyber-attacks are done to small/medium businesses
Over 70 million people fall victim to cybercrimes annually
Upwards of 80% of ransomware victims suffer a second, or repeat attack
A mere $50 can get you some ransomware plus a tutorial on how to use it.
A business suffering a breach or ransomware attack can not only find themselves on the evening news but can find themselves out of business and in a courtroom. Scary, isn't it?
In 2004, President Bush and the US Congress designated the month of October as Cybersecurity Awareness Month. The goal has been to help drive cybersecurity awareness, for individuals and businesses alike. Such awareness can help to remove the complacency (this can't happen to me!) and foster a culture of "this CAN happen to me" with guidance on how to reduce the risk.
So what can you do? Combating cyberthreats doesn't have to involve complex implementations of technology. Here are four simple things recommended by the Cybersecurity and Infrastructure Security Agency that everyone can do to help them stay safe:
Spot the phish - Before you click on anything that is within the email you received, stop. Does anything seem off? Think before you click on anything. This could be an attempt to either install malware on your computer or obtain your sensitive information.
Update your software. Promptly. The bad guys are constantly looking for vulnerabilities in the software we use every day. And the vendors are constantly working on patches to stay ahead of the bad guys. If you don't apply that update, then you may leave a gaping vulnerability available to attack.
Strong passwords! We all must deal with the plethora of passwords to log into everything. From our online bank account to our online games and everything in between. Make sure your password is unique, long, and very difficult to guess. Do NOT use the same password for everything. Use a password manager to securely store all your unique passwords.
Wherever possible, enable Multi-Factor Authentication. Passwords alone aren't as safe as we might like. If your application or web site supports it, enable multi-factor authentication. If the bad guy obtains your password, he still can't access your private information if he needs the one-time code from your mobile device.
Don't just limit these suggestions to your place of business but take them home and use them in your personal life. Educate your family and friends. Cybersecurity is everyone's business.