Now is the Time to Be Vigilant on CybersecurityMarch 25, 2020
*Article submitted from NSBA Partner Survive Cyber
Unfortunately, bad actors never let a crisis go to waste. With the coronavirus raging across the United States, small businesses must be extra vigilant with regards to cybersecurity risk. Cybercriminals are using COVID-19 themed phishing schemes to trick employees into opening malicious malware links and attachments. Hastily created remote working environments are creating new security risks for company networks that are being connected to potentially untrustworthy home computers, devices, and employee home networks.
Unfortunately, this pandemic crisis does not look like it will be going away soon. We must assume that both cybercriminals and nation-states will escalate attacks in both velocity and sophistication.
While company resources are already stretched thin in response to this unprecedented business threat, you must consider the following actions to protect your business:
- Employee awareness is critical. Even in normal business environments, employees are often the cybersecurity “weak link.” At a minimum, remind employees of the heightened cybersecurity risk environment and inform them how you will communicate COVID-19 information to them. Employee awareness will reduce employee susceptibility to deception.
- Recognize that remote Desktop protocol, which connects computers over a network, are being targeted. Consider procedures that minimize this risk.
- Immediately implement two-factor authentication. This is a low-cost and very effective security strategy!
- Consider encryption technology in general, but especially for personally identifiable information (PII).
- Develop a strategy to secure and monitor cybersecurity risks of remote staff. There are many inexpensive monitoring services available.
- Create an incident response plan to follow during a cyber crisis. Studies have shown companies that follow an incident response plan during a cyber event fare significantly better than those without a plan.
- Consider cybersecurity insurance; make sure it covers ransomware.
- Join an Information Sharing and Analysis Organization (ISAO) to receive up-to-date and curated cyber threat intelligence. By understanding the threats, your organization will be in a better position to defend itself.
NSBA has partnered with SurviveCyber so that its members can have access to critical cyber security protection.
Survive Cyber is an affordable cyber risk protection platform for small and mid-sized businesses that help reduce cybersecurity vulnerabilities and minimizes the legal and financial risks associated with a breach. Members gain access to US government-backed legal protections against breach-related lawsuits and regulatory fines and timely cyber threat alerts that help reduce exposure. If you become a victim of a data breach while you are a Survive Cyber member, we will reimburse you up to $100,000 to recover from the costs of a cybersecurity event.
Survive Cyber provides all this value for as little as $39.95 per month.