It can seem so legitimate. You get an email from a service you use asking you to change your password. You click on the link, which takes you to a website that looks authentic. You input your current login credentials and suggest a new password. Success! It says you’re done.
But you’re not done. In fact, you haven’t achieved what you thought you have. Instead, you’ve given cyber terrorists two very important pieces of information: your username and your current password.
Now, they have you. They can get into your profile, find financial information and use your account for nefarious purposes. Before you even know what’s happened, you’ve been phished, and you’re in grave trouble.
You might be the one exposing yourself and your company to peril, or it might be one of the users within your organization. Even very smart people can fall prey to increasingly sophisticated phishing schemes. Such schemes are on the rise, and they work. More and more companies today are paying out large sums of money to “the bad guys,” often unknowingly.
Phishing schemes threaten our personal data, our business welfare and our very society. Just recently, it was confirmed that Russian military intelligence meddled with the 2016 election using a phishing scam to break into the email of the DNC.
And phishing scams are just one of the cyber threats all businesses are at risk for today. No company is exempt from the threat of data breaches and cyberattacks. Cyber terrorists are becoming more sophisticated by the day, using their powers (which include intelligence, creativity and deep technology know-how) for evil. Conservative estimates predict that cybercrime will cost the world $6 trillion annually by 2021, making it a more profitable pursuit than the illicit global drug trade. Cybercriminals have a diverse range of tools at their fingertips to perpetrate attacks from anywhere in the world. No company is exempt from the threat of data breaches and cyberattacks.
A cybersecurity attack could cripple you financially, ruin your reputation with customers and employees and open you up to legal liability. This is true whether you’re a small family-owned business or a large enterprise with your own IT department.
In 2017, Ticketmaster’s data was breached, compromising the login information, payment data, addresses, names and telephone numbers of 40,000 people. Yahoo! (now Altaba) felt the delayed ramifications of a 2014 data breach when the U.S. Securities and Exchange Commission slapped them with a $35 million fine this year. Wired charts the bigger data breaches here, but this list doesn’t include all the countless smaller companies and organizations hit by cybersecurity attacks every day.
In fact, the average attack on a small business costs the company $38,000, which includes downtime, recovery and related issues.
To protect yourself against cybersecurity attacks and data breaches, these are some of the steps we typically recommend to businesses we work with.
Every environment is unique, and every organization runs different software combinations. Consult with your IT professional to decide exactly which practices (and possibly more) are right for your company.
Users will always be the weakest link, and you will never be immune to data breaches. But taking these precautions, and working with an IT partner who really knows the ins and outs of data security and how it changes constantly, is a smart way to protect your company from the immense harm that cybersecurity attacks can bring.
Contact us today to find out how you can better protect your company’s data and defend against cybercriminals with smart preventative measures (and react swiftly if those measures fail).
*This is a guest post from our partners at Lazorpoint.