Time to change password.

Changing passwords can help, but effective cybersecurity measures must be much more robust.

Cyberattacks growing more prevalent and costly

The information age that aptly describes these times is truly one of endless opportunity. With a few keystrokes, mouse clicks or finger swipes, data in virtually any and every form can be called up instantly.

Unfortunately, it's with this same breathless ease that cyberattackers can bring a business to its knees by exposing or exploiting financially compromising material. Research and greater understanding of hackers' strategies have provided some sense of safety and assurance, but their ability to adapt and modify their schemes leaves millions of companies vulnerable. These monetary losses globally are in the hundreds of billions of dollars, and based on a newly released forecast, costly breaches are expected to continue occurring at a frighteningly frequent clip for the foreseeable future.

"The cost of data breaches is expected to reach $3 trillion to $5 trillion by 2024."

That's according to a recent report from Juniper Research, which found the cost of data breaches is poised to reach $5 trillion as soon as 2024. That's an average annual growth rate of 11% and approximately 70% over five years.

Small businesses are in the crosshairs
Perhaps the biggest threat that cybercrime poses is it can happen to anyone – and at any time. In recent years, organizations affected by the boom in breaches have run the gamut, including big box retailers, credit unions, financial institutions, grocers and even companies that produce mobile device apps. While many of these incidents have adversely impacted well-known companies, most affect lesser-known businesses with a smaller footprint. Indeed, according to a breach investigation report conducted by Verizon, 58% of cyberattack victims in 2018 were small businesses with an employee base of 250 people or fewer.

Cyrus Walker, managing principal at cybersecurity advisory and response firm Data Defenders, told Forbes that those who concoct online attacks are unrelenting and perpetrators frequently target small businesses because it's the path of least resistance.

"The threat environment is active and intense," Walker warned. "A cybercriminal has a much greater opportunity for success in attacking a small business because small businesses are very weak in their security countermeasures."

"Employees need to be cognizant of the threats that exist."

Cybercriminals not only have more opportunities to purloin data, but also a variety of ways in which sensitive material can be obtained. This includes phishing, malware, ransomware, denial-of-service, man-in-the-middle and zero-day exploit. Cybersecurity experts at Juniper Research note that while software and hardware can make it easier for businesses to detect and root out breach attempts, employees themselves need to be cognizant of the threats that exist and thus must make smarter decisions when handling sensitive material or surfing the internet.

"All businesses need to be aware of the holistic nature of cybercrime and, in turn, act holistically in their mitigation attempts," advised Susan Morrow, who authored the Juniper Research report released this past August.

With October being National Cybersecurity Awareness Month, here are a few strategies you and your employees can use to more proactively defend and protect the financial data of your business and your customers so it doesn't fall into the wrong hands. These tips and tricks are recommended by the National Cyber Security Alliance:

  • In addition to obtaining security software, ensure it remains current by taking advantage of any and all newly released updates. You can do this easily by having updates installed automatically in the 'settings' or 'preferences' portion of your software. 
  • Back up data on a regular basis – both on a hard drive and within the cloud.
  • Review and legislate with employees what websites or online activities are off-limits.
  • Instruct workers to never open an email that's unfamiliar or appears suspicious.
  • Look for tell-tale signs of phishing, such as unusual domain names, misspellings and/or requests for personal information.

In an age of cyberwarfare, you can't afford to enter the battle alone. KETCHConsulting can arm you with the tools and defenses you need to withstand the slings and arrows of data hijackers by establishing a hot site, which you can use to fortify data so the effects of a breach are mitigated. For more information about hot sites and how KETCHConsulting can help with business continuity planning, please contact us today.