Taking care of employees is crucial for attracting and retaining top-tier talent. A progressive company culture, competitive salaries, and traditional benefits will always be a strong foundation for a...
Fraud & Cyber Security
|
2 min read
Network Diagnostics Part 1: How Strong is Your Company's Cyber Security?
Cyber attacks and data breaches have become a recurring trend in today’s society, and the most valuable currency is customer data. In the business world of sensitive customer records and data, virtually all consumer and company data is prized by hackers and worth protecting for your business.
As breaches become more common and destructive, organizations are still perplexed about coverage and, ultimately, uncertain about cyber insurance being a necessity. In this era of increasing regulation and public awareness of data security risks, you don’t want to risk critical information falling into the wrong hands. Every business should consider their exposure level in the event that sensitive data is compromised, and cyber security needs to be a top priority.
In 2016, a hospital in California was the victim of a ransomware attack. Hackers shut down the internal computer system at Hollywood Presbyterian Medical Center for over a week, encrypting protected patient files, emails, billing, and other sensitive data.
The hackers were demanding $3.7 million in ransom before they would relinquish control of the information obtained from the hospital’s server. Tim Erlin, a spokesperson from the hospital, said that the attack “seriously degraded their ability to deliver care.”
Ransomware
Ransomware is malware that exploits security weaknesses to infiltrate a company’s computer system, then takes their information hostage. Once they get in, cyber criminals lock the business’ computers down, encrypting sensitive information and threatening to release it to the public unless a ransom is paid.
According to a report by Verizon, in 2018, 56% of malware incidents involved ransomware. The most alarming fact from the study was that cyber criminals are now seeking to compromise entire computer servers versus single employee devices.
Social Engineering
Social engineering is a method hackers use to trick victims into divulging sensitive information, like their passwords and usernames, through emails or other platforms with a sign-on function. This method of accessing and attacking protected information and even entire servers is becoming more and more common. Some of these emails can be disguised under branding or a domain that is similar to your practice, or the all too familiar "prince of Nigeria" email.
Email is an easy access point and hackers can deploy massive attacks by sending out blanket emails waiting for a bite—giving them access to your business’ sensitive information—or worse, your customers’ personal information. Small and mid-sized businesses are more susceptible to social engineering attacks because many of their employees have access to consumer information and sensitive data. Employee data is also a vulnerable target for cyber criminals that often goes overlooked. If your business keeps employee records of any sort, that data is rich with information like social security numbers and tax documents, which are highly valuable pieces of information.
Most employees constantly work over email sharing company data, and often times aren’t properly trained on how to recognize or respond to these types of incidents.
No matter the type of business or the size, a good best practice is to take precautionary measures when it comes to protecting your business’ sensitive data. All businesses face their own types of cyber risks, and while they may not be completely avoidable, having a prevention plan, educating your employees, and proper cyber liability insurance coverage can protect your practice from the aftermath of a breach.
Click here to learn how to protect your business with a cyber liability policy
Related Categories
Fraud & Cyber SecurityBrett Morgan
Brett Morgan specializes in alternative risk transfer programs, professional liability, Directors & Officers liability, and employment issues centered on protecting clients’ assets. He has an extensive background in understanding property exposures and a customer’s business processes. Brett has taught various seminars on business interruption, protecting your company while conducting business in foreign countries, and protecting your client’s internal controls from theft.
Let Us Know What You Thought about this Post.
Put your Comment Below.