An encryption software flaw can affect up to two-thirds of all active websites.

Why business owners should prepare for ‘Heartbleed’ bug

Cyber security is becoming a larger priority to businesses, but there's one threat that may affect more than two-thirds of active websites, according to reports from the Huffington Post. This internet loophole is known as the "Heartbleed" bug. It has been around for over two years and may have allowed criminals to steal Social Security numbers, passwords or credit card data.

An example of the magnitude of this problem can be found among mobile devices running on the older Android 4.1.1 software, which accounts for 10 percent of Android phone users or 1.1 billion devices. While websites like Netflix and Facebook warn users to change their passwords, this won't be enough of a solution for these Android devices.

"The whole device is vulnerable, so you should be cautious about the kind of sites you use," Lookout security expert Marc Rogers told the Huffington Post. "I'd be cautious about doing banking on your phone."

It has been a week since companies have heard of Heartbleed, but steps taken to protect web users remain minimal. Some websites are trying to repair their encryption code, others are replacing their domain's security certificate, but the majority of websites remain in the same condition, the Washington Post reported. Although there haven't been any confirmed attacks in result of Heartbleed yet, the risk is apparent and organizations need to prepare for any scenario.

Often times executives and their technology departments work on building firewalls and digital trap doors, but what do they do once an attack has been made? This is why it is equally as important to implement disaster recovery planning strategies. This way, employees know exactly what to do in the face of a data breach and inform customers on what they can do after the digital intrusion occurs.