Written by Anthony Miscavige, CPA, CBCP and Emily McGraw, CPA
Think that because you're a small business, your company isn't at risk of a cyber attack? Think again! Businesses with less than 1,000 employees account for 61% of data breaches, according to the 2017 Verizon Data Breach Investigations Report.
Although a cyber attack can happen to any business, your company can help protect themselves and mitigate the effects of a cyber attack by being prepared and proactive. Below are five cybersecurity tips your company should be doing now.
1. HAVE A PLAN.
Prepare not for “if” a breach will occur but “when” it occurs. Your business should have remediation, incident response, and disaster recovery plans to continue important business operations and recover quickly with minimal damage.
2. TRAIN YOUR EMPLOYEES.
Employee awareness is the best defense against social engineering attacks. Train your employees on how to identify fake emails or phone calls requesting them to click on a link, download an attachment, or give out secure information such as passwords.
3. REQUIRE COMPLEX PASSWORDS.
Set a password policy that employees should use complexity rules when creating passwords and change the passwords regularly.
4. PROTECT YOUR NETWORK.
Keep all software patched up to date, use a firewall, and use an antivirus application with intelligent threat protection.
5. BACK-UP ALL DATA REGULARLY.
Determine for how long your business can sustain loss of information and set regular backups that satisfy this need; this is critical in case of a ransomware attack.
Your business should be protected against cyber threats. Since a data breach is not completely preventable, measures should be taken to mitigate the risks as much as possible. In the event of a data breach, you want to be sure that you secure sensitive information and minimize downtime by having incident response plans, uninterruptible power supplies ready, and have backups available to minimize lost data. Trout, Ebersole & Groff, LLP (TEG) performs Cyber Health Checks which include an Internal Vunerability Scan to establish your cybersecurity baseline.
Click the button below or call us at 717-569-2900 to schedule your free Cyber Risk Initial Consultation!