Consider this—in 2018, two of the five biggest cyberattacks in history occurred. Between the hacks on Marriott and Under Armour, criminals accessed the personal information of more than 650 million people. Cyber attacks also caused billions of dollars in lost revenue as hackers infiltrated everyone from mega-corporations to mom and pop shops.
The growing number of attacks and the costs associated with them are staggering. And while it’s difficult to detail the full extent of the economic impact in 2018, most experts predict that 2019 will be worse. Despite this, many companies have been slow to adopt modern cybersecurity protections, though most have implemented at least the minimum level of cyber protection.
But even the most secure businesses may not be thinking of the most significant threat—their people.
Research indicates that 95% of all data breaches are attributed to some human error.
Not huge mistakes, either. These simple errors happen in a fast-paced environment when everyone’s busy, such as falling victim to phishing. Someone opens an email and downloads an attachment, assuming it’s from a reputable source. Included in that email is malicious code—malware—that allows hackers to infiltrate a company’s network. Some people transfer corporate data outside the company over an unsecured network or simply don’t delete old data, leaving it vulnerable to leaks.
Cyberattacks will make headlines in 2019. No matter how much is spent on security, nothing can cover every human error or new techniques hackers use to infiltrate your network.
Sophisticated cybersecurity systems could help curb the cost of human error. When they’re implemented alongside a culture that prioritizes online safety, you can reduce the number of hackers who gain access to your people and help employees understand how to spot the threats that do breach your system.
Diligent training efforts will help prevent carelessness, breaches and help reduce costs. Here’s a short list of best practices:
Do your people understand the value of information security? If you’re unsure of the answer, it’s time to start an internal communications plan that reinforces your organization’s standards.
Invest in cyber protection
Even if you have the most modern security software, it still requires regular maintenance. Many companies take a “set it and forget it” approach, but all security technology should always have the most recent updates.
Commit to encryption and multi-factor authentication solutions
Many cybercriminals take the path of least resistance, preying on companies that have minimal security. Simple additions like encryption and multi-factor authentication will help augment your security and move your company into safer territory.
Make a plan in the event of an incident
No one is immune to a hack, not even the most secure organizations. But there are ways to minimize the damage, both to your bottom line and your reputation. Create a detailed list of who to call and what steps to take if ransomware shuts down your access or customer information is stolen.
Cyberattacks will make headlines in 2019. No matter how much is spent on security, nothing can cover every human error or new techniques hackers use to infiltrate your network. When you are making your post-attack plan, the call to your cyber insurance broker should be at the top of your list. Insurance won’t stop an attack, but it will help pick up the pieces afterwards.
Contact Hays Companies to learn more about how we can cover you in the event of an attack.