27.07.2020 8 signs your business should start thinking about cyber security

by Andrew Milne

18% of senior decision makers at small and mid-size enterprises (SMEs) rank cyber security as their lowest priority. Many people continue to believe that cyber security for small business is an unnecessary luxury and something only big corporations should worry about. Many smaller businesses simply don’t hold cyber security in the same regard as physical security or other threats to their company.

But recent security incidents have proven that its not really the size or the industry of the company that matters. Cyber criminals are extremely motivated—after all, data is valuable—and always coming up with strategic new ways to gain access to company systems.

So, if cyber security is no longer for the largest of enterprises, who really is a target? And what can the average SME owner do about the cyber threats targeting their company? Here are eight signs that your business should really start thinking about cyber security.

1. You collect personally identifiable information

Many SMEs underestimate their risk level and assume that they dont have any data worth stealing or theyre too small to even be noticed. In one survey, 82% of small and mid-size business owners reported believing theyre not targets. On the contrary, smaller organizations fall into a sweet spot because they collect the same types of data as a larger company without the security of one.

Take time to assess the type of data you collect. Do you collect full names and home addresses? Do you store newsletter subscribers’ email addresses? What about your employees’ information? If you answered yes to any of these, its time to invest in a proper cyber security solution.

2. You conduct financial transactions

Any business that makes financial transactions online should take cyber security seriously. Whether youre a mid-sized retailer selling through your website or a small charity accepting online donations, you collect and store financial data that is very valuable to cyber criminals.

Financial credentials are so valuable that a cyber threat specifically targeting online stores is emerging. E-skimming occurs when a cyber criminal accesses a stores web server (or a common server supporting several online stores) and intercepts financial transactions. The threat is real and growing, with the FBI estimating that “millions of credit card numbers have been stolen, even over the course of the past two years.

3. Youre governed by cyber security regulations

Each year, more and more countries and industries are developing cyber security regulations, and each year it seems the standards get higher.

In Canada, we have the Personal Information Protection and Electronic Documents Act (PIPEDA). European Union (EU) member states are governed by the General Data Protection Regulation (GDPR). Those in the healthcare sector have the Health Insurance Portability and Accountability Act (HIPAA). The retail, finance, insurance, and energy industries all have their own regulations too.

Noncompliant businesses may be subjected to fines and, for smaller businesses, these fines are crippling. If you dont know which regulations govern your organization (or if you know them, but not how you measure up), that’s a sign you should start thinking about cyber security.

4. You have employees or volunteers

When it comes to cyber security, your employees are your weakest link. A recent study has shown that one of the biggest cyber security risks is employee negligence. So, if you have employees or volunteers who use technology to carry out their work, cyber security is necessary.

Employees are an easy target because most have adopted poor cyber security habits (such as using the same password for everything!) and bring these same practices into the workplace. No matter how many security tools you have, an employee with poor cyber security habits is a risk.

Cyber criminals also know that many employees are either negligent, or simply too busy to notice malicious tactics, and use this to their advantage. This is why phishing—the act of sending legitimate-looking emails to lure the recipient into opening a malicious link or file—is such a popular means for threat actors looking to breach your systems.

Whats worse, phishing as a tactic is evolving and becoming harder to detect. Cyber criminals have started using new platforms such as social networking sites, file-sharing services, and online video games to carry out their phishing scams.

5. You work with third-party vendors

Supply chain attacks are a major risk that any organization working with third-party vendors should recognize and protect against. Just as employees can be a weak link, so can your suppliers and partners. The problem is even if you have your own cyber security set up properly, your vendors may not.

In one case, the point-of-sale (POS) system in thousands of Target stores was infected with malware, breaching the credit and debit card information of more than 40 million customers. An investigation concluded that cyber criminals infiltrated the POS system by stealing the credentials of one of Target’s vendors.

6. Youve adopted modern technology policies & remote work

Like many businesses during COVID-19, youve probably been forced to quickly adopt modern technology practices such as Bring Your Own Device (BYOD) and remote work, without time to update your cyber security strategy.

Enabling employees to work remotely or use their personal devices long-term is appealing to business owners because you save money upfront, improve productivity, and can attract top talent. While convenient, this brings about a whole new set of risks and, unless you have a strong cyber security solution for remote work in place, may end up costing you in the long run.

Employees who use their own devices in-office or rely on them for remote work, for example, may be using an outdated device that leaves them vulnerable to a cyber attack. And if theyre working from home on their personal network, the risks are greater.

7. You use outdated technology

Outdated technology, such as legacy software, is more vulnerable to security attacks. WannaCry—the infamous ransomware that caused serious damage to organizations around the world—specifically targeted businesses running unpatched systems. And because many larger organizations depend on outdated technology, WannaCry caused an unprecedented amount of damage.

Set it and forget it” doesn’t apply to software or cyber security. If your business may be running outdated technology, its time to take cyber security seriously before cyber criminals have a chance to exploit the holes in legacy systems. Remember, the cost of an attack greatly outweighs the cost of updating your technology.

8. You have zero visibility of your network

Do you know what your IT network looks like? Do you know each device that accesses your network? Do you know where your data is stored, how its transferred, or who has access to what? If you dont, its time to make cyber security a priority.

Cyber security can quickly fall by the wayside due to other IT emergencies or priorities. For smaller businesses without a fully staffed security team, network protection becomes a bonus instead of a necessity. But this is the wrong outlook.

Thankfully, there are best practices and tools available that can give you a clearer view of your network and vulnerabilities, so you can proactively defend against cyber threats.

Heres what you do next

The consequences of a cyber attack can be one of the most devastating to any business. There are big costs associated with a cyber attack, regardless if the main goal was to turn your systems offline, compromise confidential data, or damage the companys reputation.

Most businesses today aren’t prepared to detect and defend against cyber threats, especially with the growing cyber attack potential for remote workers. For situations like those, monitoring solutions such as Field Effects Covalence threat monitoring and detection platform can provide the visibility to protect from cyber threats and help improve the security of your business.

To stay informed about cyber risks and ways that the Covalence threat monitoring and detection platform can improve your cyber security, sign up for our newsletter below.

Cyber Security News and Updates

The Field Effect Newsletter

* indicates required


 

Request Demo

Fill out the form and we will send you details about our demo.

 
  • Get Covalence Cloud Now

    Protect your company today

    REQUIRED *
  • Let us know what Cloud Services you have
  • By clicking the button below, you agree to the Field Effect terms and conditions

  • This field is for validation purposes and should be left unchanged.
 
  • Sign up

    Get your free 30-min assessment with a cyber security pro to help you understand your security needs

  • This field is for validation purposes and should be left unchanged.
 
  • Sign up

    Get your free 30-min assessment with a cyber security pro to help you understand your security needs

  • This field is for validation purposes and should be left unchanged.
 

Send Us A Message

Fill out the form and we will get back to you!

 

Think you are ready?

We are always on the look-out for amazing people. Think you are one of them? Complete the form here!

  • Accepted file types: pdf, jpg, png, doc, docx.

Solutions

Field Effect’s experience has taught us that every organization is different – different workflows, different personnel and different threats.

Products

We believe in modularity, simplicity and effectiveness. Our expert developers have lived the challenges you want solved. Build and operate more secure and resilient networks with Field Effect Software.

Company

We are proven leaders in the development of network application solutions, low level systems development, and cyber security analytics.

Partners

Partner with Field Effect and gain the cyber security solutions, services, and support to secure your customer’s operations, drive client success, and realize profits.

Careers

We’re always looking for highly-skilled security and engineering professionals to join our team…

Contact

Field Effect Software helps strengthen the IT security operations of organizations large and small. We understand that different organizations face different challenges, and we’re incomparably qualified to match the perfect solution to your unique challenges. Drop us a line, we’d love to help.

COVID-19 – A message from our Chief Operating Officer