Who could forget the “check yes or no” note passing of our grade school days? I am sure my kids would laugh hearing about how we used to communicate with our friends and secret admirers. No cell phones in my day! It definitely was a simpler time in a lot of ways.
Businesses get secret admirer messages too, but unfortunately they are not the type of note you want to receive: “Dear Business, we have encrypted all of your customer data and blocked access to your computers. You owe us 2 million dollars, or you will remain locked out and we will share your data online, including your customers’ sensitive information. Looking forward to hearing back from you! Love, Your Cybercriminal.”
According to Swiss Re Corporate Solutions, in 2020 these notes tortured over 2,400 U.S. organizations. The average ransom in 2021 was $1.2 million and rising. While it is exceedingly difficult to stop attackers, experts agree on five steps every business should be taking, no matter its size. Keep in mind that attackers tend to target small businesses, which they assume may not have the same robust security measures in place as a mega-corporation.
- Back up data in offline, off-site systems. This will improve the ability to restore data without paying a ransom.
- Establish multifactor authentication (MFA) protocols. This can prevent a bad actor from accessing your networks or account. Do not allow anyone in your business to be exempt from the protocols you have initiated. P.S. If you haven’t put MFA on your Facebook account, stop reading and do it right now! Instructions here: https://www.facebook.com/help/148233965247823
- Conduct security training and testing. Human error is still the most common way for cybercriminals to gain entry. Enforce robust password protocols, disallow non-sanctioned electronic devices and test employees frequently to ensure they do not click on suspicious email links or attachments.
- Implement thoughtful access control. The more access an employee is granted, the more leverage an attacker gains by compromising that employee’s credentials. Only allow employees access to information that is relevant to their job.
- Test your incident response plan. Anticipate and prepare for operational, legal and communication issues that arise during an attack, including sending immediate notification to your insurance agent and cyber insurer. Your cyber insurance company can quickly deploy experienced incident response resources to take the crucial steps necessary to protect your business. And, because decryption and data restoration can take weeks, cyber policies also can cover business interruption, reputational damage, extra expenses and data restoration services.
I hope you only got the good “love letters” this Valentine’s Day. If not, never hesitate to call us and enact that cyber policy!
Tommy Allmon,
President, White & Associates Insurance
*Information in this article is sourced from Swiss Re Corporate Solutions and iamagazine.com. This article is intended for general purposes only.*