Is Your Business Ready for a Cyber Attack?

It’s not a matter of if, but when your business will experience a cyber attack. Data shows that the majority of businesses – small and large – will suffer through an attack (or at least attempted attack) over the next couple of years. How you choose to protect and respond will determine your outcome.

The Inevitability of Cyber Attacks

If you’re looking for a warm and fuzzy feeling, you’re probably better off skipping down to the next section of this article – because the truth isn’t pretty. While you may have thwarted cyber attacks up until now, consider your business one of the lucky ones. Unfortunately, the data shows that your luck will eventually run out.

Ransomware attacks increased by 36 percent last year and are expected to scale even higher this year – as is just about every other form of attack or breach. In fact, the Fortinet (News - Alert) Threat Landscape Report from Q3 2017 shows that 79 percent of companies using the Fortinet network experienced severe attacks over a three-month period. There were an average of 153 attacks per firm. And when you consider that nearly two-thirds of all cyber attacks are now directed at small businesses, it becomes clear just how big of a problem we have.

Not only are the majority of business unprepared and under-protected, but the costs are so high that small businesses often go out of business within six months of an attack. Larger corporations don’t necessarily flop right away, but they sure feel the sting on the balance sheet.

According to research from Microsoft, the average data breach costs corporations $3.8 million in direct and indirect costs. That comes out to a total potential cost of $500 billion for the global community.

4 Ways to Prepare for and Respond to Cyber Attacks

There’s a reason billionaire Warren Buffet calls cyber attacks the biggest threat to mankind (even bigger than nuclear weapons and global warming). Any way you slice it, the outcome looks bleak. However, you aren’t totally helpless. How you prepare for, defend against, and respond to these inevitable attacks will ultimately determine your long-term success and viability.

Every business faces a unique set of circumstances that will, in part, determine the appropriate methods of prevention and response. But having said that, the following tips and strategies will prove helpful regardless of which unique factors are present.

1. Install a Secure Network

The first step is to install a secure network, which should hopefully keep most attacks from actually penetrating your business and breaching your sensitive information. When considering how you’ll configure or optimize your network, you’ll want to sort through issues like these:

• Wired versus wireless connections (or both)
• What kind of computers and mobile devices will be permitted on the network
• How many computers and devices can be on the network.
• Who the network administrator will be
• Which files can be shared and which people will have access to them
• Which additional layers of security will you add on (such as VPN’s and encryption)

There’s a lot that goes into a secure network. It requires the right strategy, the right technology, and the right people. If you’re missing any of these, you’ll suffer.

2. Be Aware (News - Alert) of High-Risk Scenarios

A large percentage of cyber attacks can be prevented through common sense and an avoidance of high-risk scenarios.

“One of the easiest ways for hackers to collect your information occurs when you use unsecured Wi-Fi networks,” entrepreneur Peter Gasca points out. “Any official business, especially the kind that requires a login and password, should be done only through secure networks that you have set up. Mobile phone data networks are also secure - at least for now.”

This isn’t news to you, but it may be a brand new concept to some of your employees. In addition to being aware of high-risk scenarios, employees must be trained to understand and prevent them on their own.

3. Purchase Cyber Insurance

Think about cyber attacks like natural disasters – such as hurricanes or earthquakes. While there are some smart things you can do to lower your risks – such as not building a house on the Gulf Coast or a major fault line – you’re ultimately at the mercy of external factors. If someone chooses to launch an attack on your business, you often have no choice but to respond.

Just as a coastal home would have hurricane insurance, your business needs cyber insurance. Cyber insurance protects things like computer systems, software and data, digital assets, and liability that arises as a result of attacks on these assets. Some business insurance providers, such as King Price, also offer cyber insurance policies. If you can bundle yours together, it’s much more convenient and cost-effective.

4. Develop a Response Plan

You don’t want to find yourself in a situation where you’ve been attacked, and you’re fumbling around for what to do next. Creating a documented and actionable response plan will serve you well in limiting the damage and catching the perpetrators. It also tells you where to direct your energy, dollars, and man-hours.

“It may be cost prohibitive to protect the entire enterprise,” Ed McAndrew writes for NetworkWorld. “Before creating a cyber incident plan, an organization should determine which of its data, assets and services warrant the most protection. The Cybersecurity Framework produced by the National Institute of Standards and Technology (NIST) provides excellent guidance on risk management planning and policies and merits consideration.”

The NIST Cybersecurity Framework has certain standards, guidelines, and best practices that help businesses manage cyber security-related risk. It’s a flexible and cost-effective approach that gives each business the ability to manage as they see fit. It’s a framework rather than a rulebook etched in stone.

Adding it All Up

You’re going to experience a cyber attack at some point in the near future – mark these words down. You don’t, however, have to spend millions of dollars and go out of business within six months. By preparing for these attacks – and preventing the majority of them from coming to fruition – you can continue to press forward.