Many businesses scrambled to adapt to a virtual world when COVID-19 hit. But did you remember to lock your doors against cybercriminals?
Mike Kelly, Head of Cybersecurity & Technology Controls at Chase, has seen a lot of businesses go digital in the last few months.
“Unfortunately, we take a lot of phone calls after an attack,” says Kelly. “My heart always goes out to those business owners because it’s very traumatic.”
The good news is that every business can protect itself from online threats. Kelly shares the top seven ways that can help stop cyberattacks and fraud at your company.
1. Plan for worst-case scenarios
What will you do if someone hacks into your business or engineers a fraudulent money transfer? It’s important to be able to respond quickly.
Kelly suggests writing up a plan and running drills to test it. “Most organizations have a fire drill or a life-safety drill,” he says. “Cyber drills are no different.
2. Assess your vulnerabilities
If you’re not a techie (and even if you are), you might not know the risks you and your employees are taking. Bringing in an independent contractor to audit your technology systems and processes is one way to get ahead of those risks.
3. Pay attention to email
Verizon’s “2019 Data Breach Investigations Report" found that more than 90% of detected malware arrived via email. One big reason is the number of ways email can be manipulated.
An employee might receive a seemingly innocent attachment only to discover it carries malicious software, known as malware, that could take down a single computer or your entire network.
4. Train your employees to detect threats
Another reason email is such an effective way into many companies is that employees don’t always know what to look for and are not fully aware of the risks they are taking when they check their messages.
“Dollar for dollar, training has the most positive effect on reducing the risk of cybercrime,” Kelly says.
5. Require strong procedures for payments
In the early days of COVID-19, many of the usual processes and procedures had to be reimagined. That opened up new opportunities for invoice fraud.
“You always want to be looking at your payment processes,” Kelly says. “Where are there possible weak points?”
6. Lock down your passwords
Passwords should be complex, but they don’t need to be hard to remember.
Kelly also recommends keeping passwords in a secure place. Rather than pasting your passwords into a spreadsheet, consider using a password manager with strong encryption.
7. Not sure what to do? Breathe
Hackers prey on stress and confusion. If you’re unsure how to proceed, pause and investigate your suspicions. If you experience any unusual requests or think you might be a victim of fraud, you can contact MyITRisk.com.