As Americans abide by stay-at-home orders and scramble to watch movies like Jo Jo Rabbit and Parasite, it’s important to remember that very often, the Academy overlooks would-be greats – especially if those films are of an obscure topic like cybersecurity. The Great Hack, a 2019 documentary about the Facebook–Cambridge Analytica data scandal, is a perfect example.
Movies are made when the collective mood and cultural moment call for its creation. And, The Great Hack is no different. In 2018, breaches occurred at Adidas, FedEx, Macy’s, Under Armour, Nordstrom, and most widely reported, Facebook. In 2019, that dubious list expanded to include: Quest Diagnostics, Houzz, Capital One, Dubsmash, mobile game producer Zynga. The time to confront this growing menace is now.
Cybersecurity threats continue to increase and impact businesses of all sizes. In the first half of 2018, the number of cyber breaches soared over 140 percent from the previous year. More than 3.3 billion data records were compromised across the globe last year. In 2019, the average cost of a data breach at $8.19 million. Likewise, US businesses and remained the favored target for cybercriminals worldwide.
Combined, these threats account for close to 80 percent of stolen, compromised, or lost records. While identity theft leads to security leaks, financial access issues are growing in severity as well. The very un-Hollywood conclusion is this: cybersecurity for small and medium-sized brands is not the priority it should be.
Recognizing the seriousness that more must be done to combat these issues, below are our tips on how to increase security in your business. Follow these four steps below to tighten your brand’s cybersecurity and protect your information.
Step 1: Make Sense of Your Security Investment
The tools and staffing required to avoid cybersecurity attacks necessitate investments in staffing, resources, and technology. But, the protection benefits the whole organization. When considering the needs of your organization, there are two main cost elements to consider.
- What is your company paying now to secure its data?
- How much will you need to pay when an attack occurs?
The big challenge with investing in security is to determine how much is needed. For many small and medium-sized businesses, cybersecurity costs are usually part of an IT budget. With too little budgeted, you may be vulnerable to attack. On the other hand, it’s challenging to figure out when you are spending too much.
When crunching the numbers, consider the following findings from a recent study conducted by the Ponemon Institute, an organization that conducts independent research on data protection and emerging information technologies:
- The average cost of a breach is $8.2 million
- The average cost per compromised record is $150, up from $148 in 2019
Step 2: Re-Up Your Resource Management
According to Endurance International Group, 83 percent of small businesses with less than ten employees handle cybersecurity on their own. However, to combat increasingly significant threats, companies require dedicated security resources, either in-house or outsourced to a service provider.
Security awareness tools provide simulations and cybersecurity training for employees. Why is security awareness critical? Your people – employees, contractors, and vendors – have access to your organization’s most sensitive data. Educate your staff and test their acumen on phishing, social engineering, and ransomware via live simulations. Again, the Ponemon Institute discovered that even the least effective program still resulted in a 7-fold ROI, including lost productivity time.
Step 3: Enforce Strong Policies
According to ITProToday, only 36 percent of businesses are using multi-factor authentication for internal access. Beef up your password policy using tools like single sign-on (SSO) and multi-factor authentication (MFA). These provide additional layers of security. Also, they can prevent a single stolen password from compromising sensitive information.
Breaches are frequently caused by unaware (read: careless) behavior. Promote a clean desk and whiteboard policy. It’s also best to implement barriers like managed entry systems for your office building. Use clear guidelines, educate your employees, and stay aware so that you can avoid social engineering attacks.
Step 4: Create a Crisis Response Plan For Your Clients
One of the potential consequences of a security breach is the loss of your customers’ trust. While you might have a behind-the-scenes internal plan, you’ll need a public-facing one, too. If an attack happens, you will need to give your customers transparent communication and ongoing reassurance that you’re taking care of the issue and that their data is safe.
Sentribit is a trusted partner of enterprises throughout the New York metropolitan area because of their deep understanding of the dangers associated with a data breach. By assessing and measuring risk to identify the likelihood and impact of a cyber event, Sentribit prepares organizations with a complete and versatile executive threat strategy.
We offer our clients:
- Around-the-clock cybersecurity monitoring
- Real-time analytical insights
- Reliable security intelligence
- Managed endpoint protection
- Targeted pen testing and vulnerability assessments
- On-call incident response
A Warning from Tinseltown
The Great Hack examines how Cambridge Analytica, a defunct private data collection company, became a 21st century villain. Through its aggressive efforts to gather personal online information via social media usage (including 50 million Facebook users), the organization used that data without consent to create highly targeted marketing outreach to influence voters’ opinions.
While this breach of public trust captured global headlines, it’s important to remember that small and medium-sized businesses are at even more at risk. With 30+ years of experience in the IT industry, Sentribit utilizes what you could call an “Oscars-worthy” approach to security that spans people, processes, facilities, and technology to help keep your business safe.
The 2020 awards season may be in the history books. But for the remainder of 2020, “nominate” Sentribit as your go-to cybersecurity leader, and we promise we’ll deliver some Hollywood-level “ACTION!”