Skip to content
4 min read

What Are Your Biggest Risks? System Security

Featured Image

System Security

2011 – Tricare, healthcare insurance for the military, lost $130 million due to a breach of personal data affecting 5 million military beneficiaries.

2013 – Target lost $252 million due to a breach that affected 40 million credit and debit card holders.

2014 – Home Depot lost an estimated $80 million due to a breach that affected 56 million credit card accounts.

2014 – JPMorgan Chase lost an estimated $1 billion due to cyber-attacks that compromised usernames and personal customer information.

2014 – Ebay lost $200 million due to a cyber-attack that compromised customer names, passwords, and other personal information

2015 – Anthem Blue Cross lost at least $100 million due to a cyber-attack for sensitive personal information. 

You can read more at bankrate.com.

The trend of database breaches appears to be increasing.  Risk Based Security released a report that in 2015, there were nearly 4,000 incidents that exposed over 736 million records.

Most small business might be worried about this some but may feel there are so many more pressing priorities. The examples mentioned are all large businesses and they are definitely higher profile targets for hackers and cyber-attacks. How much money does it cost to beef up security?  Is this really a high enough risk for you?

In a recent article by Fox Business, there has been an increase in cyber attacks on small business.  For example, one out of five small and midsized businesses reported cyber-attacks in the last two years.  Symantec reports that in 2015, 43% of cyber-attacks were against small businesses with less than 250 workers.

Now that I have sufficiently given you a scare, you might be wondering what you are going to do about it.  The purpose of this was not to scare you but to inform you of the risk.  All businesses need to assess their risk.  Have you done a SWOT analysis recently and assessed your strengths, weaknesses, opportunities, and threats.  If your business had a data breach, what are the financial implications?  When doing strategic and financial forecast planning, this question needs to be assessed. If you don’t have much of a risk, then there probably isn’t need to spend much money on beefing up your network security. On the other hand, if a data breach could hurt your customer base and lead you to significant lost sales and profit, then you probably should spend some money on this. If one data breach (apparently you have a 20% chance based on statistics above) could lead you to financial hardship, then it might be worth taking a look at this risk.

This is a large subject and you probably wouldn’t read this if I made it too long so I am going to give you 5 important things you can do to protect yourself and decrease your risk. There are many IT and network specialists that can provide much more insight.

1.Read the FCC’s Cyber Security Planning Guide.

This guide is 51 pages and is probably best suited for an IT person to review.  The first step is to review the current privacy and data security procedures and document what is currently happening. You need to know where you are today.  If you are a small business that might not have the staff in place to do this, hiring an outside consultant is often affordable and well worth the cost. Once you understand the risks and concerns, then you can best assess how much time, money, and resources you want to spend to make recommended enhancements.

2. Train Employees and Staff on Scams and Fraud

I know that people get annoyed at changing passwords and creating complicated passwords with symbols, numbers, and capitalization. The more training employees have, the more they understand the necessity. Just reading all the materials to write this blog has made me decide to beef up security in my own business.

3. Always Update Your Computers to the Latest Software Update

I know it is easy to delay updating software because it takes time to download and you usually have to restart your computer. I have noticed most updates contain security upgrades. Most likely there is a new threat to fight. A few minutes to download and update your software is a small price to pay.

4. Pay for high-quality Anti-Virus and Security Software.

I have a Mac so I figured that I was safer than those with a PC. An IT professional told me that there are more security breaches and viruses affect Macs also.  He recommended Trend Micro. I am not getting paid to recommend they seemly provide significant protection at a relatively low price. Trend Micro provides cloud-based protection, privacy protection, and mobile device protection, as well as system optimization.

5. Use a Network Vulnerability Assessment Tool

There are some free resources which will assess the vulnerability of your network.

  • Rapid 7 has a tool that will help you understand the weak areas, build a prioritized remediation plan to remove threats, and increase security.
  • Aircrack-ng  provides a free suite of tools to assess WiFi network security.
  • Elcomsoft Proactive Software has corporate and forensic solutions to determine the security of your wireless network.

Final Thoughts

There is so much more to security than the 5 points I listed above. I always like to tackle the “low-hanging fruit” first. These are low-cost solutions to increasing your security and decreasing risk. The question is how much time or money should you spend to protect yourself? If the risk of a network breach is a significant financial loss, lost customers, or even possibly bankruptcy, then I stress the importance of moving this higher on your priority list to protect your business from the increasing cyber attacks.