Cybercrimes aren’t anything new, but cyber attackers have become sneakier and more aggressive. As a result, companies are becoming increasingly proactive about protecting their technological profiles, especially as some of the biggest data breaches in recent history happened to companies such as Yahoo, JP Morgan Chase, Target, Starwood Hotels, eBay and more.
The Yahoo data breach of 2013/14 affected 3 billion individuals. At the time, Yahoo had to renegotiate the cost of its sale to Verizon, reducing the cost by $350 million. That was obviously a huge hit to shareholders.
And, it’s important to note that individuals and small- to medium-size businesses can also fall victim to cyberattacks (see Facts and Stats below).
What is Cybersecurity?
Cybersecurity is
defined as the measures taken to protect a computer or computer system against
unauthorized access or attack. Cybersecurity is used to protect hardware,
software and any information on the Internet—from personal information to
entire government systems.
Many times, malware (i.e. malicious software), which consists of spyware, ransomware and viruses, is used by cybercriminals to attack a system in order to obtain information.
Five Cybersecurity Facts and Stats
- Cyberattacks are the No. 1 risk to an enterprise (research/survey of executives in Europe and advanced economies).
- The average cost of a data breach in North America for enterprises was $1.3 billion and $117,000 for small to medium-size businesses (according to a 2017 report by Kaspersky Lab).
- Cybercriminals (who, by the way, can be put on the FBI’s Most Wanted List) will steal an estimated 33 billion records by 2023 (2018 Juniper Research study).
- More than half of all global data breaches will occur in the United States by 2023 (prediction by Juniper).
- 92% of malware is delivered by e-mail (Verizon 2018 Data Breach Investigations Report).
- Malware attacks against mobile devices are on the rise.
How can you protect yourself or your
company?
Companies and
individuals should have multiple cybersecurity measures in place when it comes
to their systems and networks.
One common cybercrime is called phishing, which involves sending e-mails from a supposed reputable company in order to attain personal information, such as passwords, credit card numbers, etc. Today, most banks and utility companies tell customers that they will never ask for passwords or other personal information in an e-mail.
Other security and preventative measures you should have in place include: firewalls, anti-virus software on every computer, changing passwords regularly, never clicking random links, and most importantly, never ignoring software updates.
Attorney Brian Reider, with Best, Best, and Krieger works with privately-held businesses. He has worked with many companies to help resolve cybersecurity problems. He insists that initial prevention is critical. “Failure of companies to apply software updates and patches supplied by vendors is one of the major reasons for data breeches”.
What do you if you or your firm
becomes victim to cybercrime?
If your company falls
victim to a data breech, Reider suggests taking these immediate actions:
- Notify local law enforcement. Pass on all the information you have so officials can file a report and begin investigating right away.
- Contact your insurance agent. Determine with your agent if you have coverage that will
protect you and help pay for the potential damages.
- Call your attorney. Depending on the nature and extent of the cybercrime, you and your lawyers need to determine which obligations to notify exist—for example, California state law requires companies to notify customers and may also require the company to pay for credit monitoring for those whose data has been exposed.
- Mobilize your IT team. Your IT team, whether outsourced or not, needs to figure out what happened and fix the problem as soon as possible. Reider says this is especially important because “the malware created a weakness that exposes (the company) and it could just be waiting for a few months to pass and do it again. IT needs to patch it to prevent a future breech.”
- Consider reaching out to a Crisis Management team. Depending on the degree of the data breech, it may be in your best interest to hire a Crisis Management team to help develop your communications regarding the breech to your employees, customers and the public.
After the situation is under control, Reider says to “circle back to the prevention tips right away. Everyone may need a booster shot on what to do about SPAM, unknown links, etc.” Read more about prevention tips in Reider’s guest contributor article here.
With the cost of cybercrimes to businesses and corporations on the rise, it is more important than ever to protect your information.
Data security is paramount, especially for financial assets. Rest assured, LifeSteps Financial has several safeguards in place. For information on these safeguards, feel free to contact us today.
Resources:
Verizon Data Breach
Investigations Report (2018): https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf
Kaspersky Lab report (2017): https://go.kaspersky.com/IT-Security-Economics-Report.html
Juniper Research: https://www.juniperresearch.com/document-library/white-papers/cybercrime-the-internet-of-threats-2018
