Free Cybersecurity Advice that Could Save Your Company

The FDIC recently advised banks and financial service institutions how to respond to the growing sophistication and number of cyber attacks. Whatever industry you’re in, all companies should benefit from the government’s free advice regarding cybersecurity.

You’re not a bank—but you’re still a target.

The cybersecurity principles for banks apply to you too. Most small or medium-sized businesses don’t take the initiative to implement cybersecurity policies. However, these businesses are still targets—especially because they have shorter sales cycles than banks. Here are ways to protect your company and minimize business risk.

Cybersecuirty Mantras

1. You cannot expect what you do not inspect.
   You don’t have to be an IT expert to learn about security threats. Take responsibility to stay informed on cyber risks to your company.
   These resources can help:
   • US–CERT Alerts
   • NIST newsletter
   • Dark Reading
2. Practice “safe click.”
   Encourage your staff to think before they click on links. Perpetrators commonly trick email recipients into clicking on links that deliver malware. Protect your valuable information and computer systems by educating your employees. You can even remind them of this healthy practice with stickers on their monitors.
3. A security check a day keeps the cyber threats at bay.
   Regularly monitoring your security systems is like checking your company’s vital signs. You might assume you’re safe with the antivirus that runs every night—but it’s not enough. You need to periodically review those technical systems for proper functioning. Otherwise, how will you know if they start to malfunction? All software is prone to failure.
4. Prevention is the best policy.
   What if an employee or perpetrator causes a security breach? Having a policy already in place will provide an incident response plan and decrease your liability exposure.
   These policy booklets are for banking but they provide a framework for developing your own. We can advise you as you customize policies for your business.
5. Check up on your Managed Service Provider.
   If you hire a Managed Service Provider (MSP) or Technology Service Provider (TSP), then keep them accountable like you would an employee. Regularly meet with your service provider to ensure they’re performing as expected. If they’re not, then discuss ways they can improve. It’s less expensive than switching to a new third party.

Don’t Let This Happen to You

If you don’t protect your business against attacks, then you could end up like one of the companies in these vignettes.

• Ransomware
  You might think all your network devices are protected, but are they really? Ransomware is a common problem, as illustrated in this vignette.
  (4:42 minutes)
  
• DDoS as a Smokescreen
  Cyber attacks are increasing in sophistication. In this vignette, an IT manager investigates a possible DDoS attack while a second attack exfiltrates data. (3:55 minutes)
  

We’ve Got Your Back
Protect your small or medium sized business by investing time and resources into cybersecurity. Educate yourself and your staff on common threats and how to prevent them. If you hire a third party, then make sure you receive what you pay for. If you’re ready to take action against cyber threats, then contact us for more security suggestions or for customized policy development.