Cybercrime: Big Risks for Small Businesses
By Lisa Ann Rea, VP/ Regional Account Executive, Mutual of Omaha Bank
Stories of cybercrime continue to make front-page news. Companies of all sizes are impacted by cyber theft and data security breaches. According to the Breach Level Index, over 5 million data records are lost or stolen every day.Each theft causes headaches for consumers and businesses, reputational damage for businesses and financial loss. Cybersecurity Ventures estimates that cybercrime will cost the world $6 trillion annually by 2021.
While not immune to the impacts and consequences of a data breach, multi-billion dollar organizations employ legal, security and technical experts and have vast resources to limit potential liability. Small businesses must also prepare for potential attacks from a growing number of cyber predators. The impact of cybercrime on small businesses can be devastating. Trustwave® reported that 71% of attacks target small businesses. Within 18 months of a breach, 80% of small businesses go out of business.
It is impossible to be 100% secure from cyberattacks, but businesses can take steps to minimize their risk. Associations need to be more aware than ever. Education is a great first step in protecting your business. Educate yourself, educate your staff and educate your Board members.
Securing networks- do not post minutes or financials on web pages without a secure log in- don’t let the crooks see what you have. Keep financial information confidential.
Blocking social media from workplace computers- many cyber crooks use bots to get into a computer through ads, spam emails, and social media sites. Train your staff and Board members they should never click on a link from an email of someone they don’t know or don’t recognize. Board member emails can be hacked, with an authentic looking email request from the hacked Board member requesting a wire transfer or other financial transaction. Always call to confirm the email with the Board member – not the number on the email. This is a classic hacked email/fraud scheme.
Use a designated secure computer for financial transactions. By using one or two designated computers with secure log ins and encryption for financial work it lessens the odds of an authorized employee being hacked. This limits the exposure, or potential exposure and that is what you are aiming for. Make yourself, and your company/community, a smaller target – harder to hack and the cyber crook may move onto an easier target.
In addition to education, you and your company/managers/Board members, would be prudent in ensuring you are using secured networks for all financial transactions relating to the company and associations. There are steps to ensure secure log ins, followed by encryption methods – often a token or set of numbers that are only for the specific person logging in and these encryption numbers are good for 30 seconds. Check with your financial institution for additional information
It is important that business owners educate their employees on the dangers and serious consequences of cybercrime. The knowledge that such theft can cripple a business, thereby affecting an employee’s own livelihood is an added incentive to remain vigilant. Involving the financial institutions of the business can also be beneficial. Many banks are willing to provide in-house education seminars to companies as a way of keeping all levels of the organization well informed. There are several online resources available to educate small companies on protecting their business from cyberattacks. Following are a few examples of resources available for small businesses.
- Forbes Finance Council – How to Protect Your Business From a Data Breach – Seven Key Steps
- Small Firm Cybersecurity Checklist
- SBA Cybersecurity for Small Business Course
Business owners and Associations have the option of investing in cyber liability insurance as a way to proactively protect their business/assets from potential cyberattacks. Cyber liability insurance often covers the cost of business interruption, client notification, and even hiring a public relations firm to repair damage to a company’s reputation as a result of the attack. Reputations are critical in the community association industry. The cost of cyber liability insurance is often far less than the potential monetary loss due to a tarnished image.
The HOA industry insurance companies are familiar with the growing Cybertheft threat and have tailored insurance riders to offer their customers. Contact your carrier for this coverage if you do not currently carry this coverage.
Cybercrime does not discriminate. All industries are affected, and no business is too big or too small to be targeted. Advanced preparation and education are the two crucial tools to combat the growing problem.
After reading this article, you should contact your manager, financial institution and insurance carrier to ensure you are taking the necessary steps to keep your company/community financially secure. As the cyber crooks get more intelligent, the crimes escalate. Make an annual (or more often) reminder to review the steps you have implemented and adjust accordingly to keep pace with technology.
The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the views of Mutual of Omaha Bank. For any matters concerning your specific needs and objective, you should seek the professional advice of your own independent legal counsel, insurance advisors or other consultants.