1,579: That’s the number of data breaches in the United States in 2017, exposing close to 179 million records.
The number and sophistication of cyberattacks are only growing. Recently, the United States and the U.K. put out a joint warning for Russian cyberattacks against government and private organizations as well as individual homes and offices.
It’s not just an attack anymore – it’s cyberwarfare, and it’s likely to affect your organization one time or another.
Many organizations are simply unprepared for the reality of a cyberattack. In the 2018 Global State of Information Security Survey from PwC, 44% of the 9,500 executives surveyed worldwide reported they do not have an overall information security strategy.
There are simple steps any organization can put in place to move toward a comprehensive security strategy.
Know your enemy: If the number at the top of this article shocked you – it shouldn’t. You need to be informed about the various cyber fraud schemes and threats – phishing, malware and hacking – so you can put systems in place to prevent them.
Know yourself: Security should be part of your company culture, at every level. An employee’s desk can be a minefield of hacking breaches, every app, popup and email are a potential entryway into your – and your customer’s – data. Educate your employees on potential risks and how to spot threats, and give them a formal internet security policy to abide by.
Secure your valuables: Remote malware and hacking get all the headlines, but the internet isn’t the only entry point to your data. Many, if not most, cyberattacks occur when physical electronic equipment is stolen. Ensure your physical systems are locked down. Get locking devices for laptops, lock up your server room and limit access to essential personnel.
Encrypt your data: Your organization has a lot of data lying around, no matter what business you’re in. From standard bank routing numbers to employee social security numbers, you have something worth stealing. Keep those digits as safe as possible with encryption, so that in the event of a breach, hackers won’t get far. If this data gets into the wrong hands, the loss of public trust is often insurmountable for an organization.
Plan for the worst: Despite all your best efforts, odds are an attack of some sort will still impact your organization. Don’t just tackle security, build a resiliency plan. Companies that include response and recovery in their security efforts are rewarded with stronger, long-term economic performance than those that take a reactionary stance. A complete incident response solution, such as Red River’s offering, can help make recovery quicker and less painful.
You might not be thinking about a cyberattack on a day-to-day basis, but for hackers, it’s their full-time job. Put the policies, processes and systems in place to prevent and recover from an attack before it’s too late.