Cybersecurity and theft prevention are more important now than ever! Threats are real, sophisticated, and seemingly endless, and how your company deals with these risks can be either proactive or reactive. Awareness, commitment, and prevention are crucial to avoiding a security nightmare.
Cybersecurity Best Practices and Tips
- Believe that threats are real. Businesses of every type and size can be targeted. Don’t underestimate the perseverance and creativity of criminals.
- Know your situation. Identify and assess your unique risks and vulnerabilities. Partnering with specialized service providers can help.
- Understand the type of data you are collecting and why you are collecting it. Collect and keep only what you need. Ask yourself, “Do I really need to be collecting this or keeping it?” Follow all applicable retention laws and regulations.
- Develop your cyber security plan and put it in writing. Include appropriate company policies and procedures. They will help establish the rules of conduct and responsibilities within your company. If necessary, consult qualified legal counsel.
- Don’t use older, unsupported operating systems. Older versions are more susceptible to vulnerabilities and become attractive targets to attack. Don’t be low-hanging fruit!
- Implement and maintain appropriate system and network security, such as malware protection, firewalls, data encryption, security access, and password policies.
- Don’t overlook the importance of physical security. Safeguard the building and control who has access to data.
- Start small. The topic of cybersecurity can be daunting, so once you have a policy or procedure implemented / mastered, continue to add others to expand your cybersecurity techniques.
- Communicate with and train your employees! One of the weakest links in a cybersecurity system can be the people using it. You can have the best plan in the world, but if people don’t know about it or follow it, it’s the same as having no plan at all.
- If you outsource services to a cloud computing provider, understand what you’ve signed up for. Who owns the data? Where is it stored? How is it secured? Don’t assume the cloud computing provider has “taken care of it.”
- Monitor results. Regularly measure the effectiveness of your plan and the factors that went into developing it. Make changes as needed.
- Adopt a continuous improvement mindset. Don’t approach cybersecurity with a “one and done” mentality. Success requires active and continuous commitment to risk management.
Cybersecurity has become a major exposure with the potential to cause significant losses to a business. The main defense against cyber risks is risk management.
However, even when preventive steps have been taken and best practices are followed, businesses can still find themselves suffering an unexpected loss. Consultation with a knowledgeable insurance advisor about proper insurance protection is an important part of an overall risk management program.
By: Laramie Sandquist, CPCU, ARM
This article is for general information and risk prevention only. This article should not be considered legal or other expert advice or an offer of insurance. The recommendations herein may help reduce, but are not guaranteed to eliminate, any or all risk of loss. The information herein may be subject to rules and regulations in your state. Qualified counsel should be sought with questions specific to your circumstances.