Some businesses never come back from a cyberattack. Profits aren’t the only thing that takes a hit after a security breach. In addition to valuable data, you could lose hard-won customer trust. Your business could experience downtime or face compliance fines. According to Argo Group Senior Vice President and Group Head of Cyber Simon White, you can help prevent or mitigate such devastating consequences by avoiding these five common mistakes.
1. Believing your small business is not a potential cyber target
A 2017 Argo Cyber Insurance Study by CoreData Research found that only four in 10 small and medium businesses surveyed believe they’re a potential target, yet a majority (63 percent) have experienced some form of cyberattack.
In fact, small businesses may be especially appealing targets because they’re less likely to have sophisticated network security.
2. Not having information security training for your staff
You’re only as strong as your weakest team members, and the size of your business is no excuse for not training them. Over half (52 percent) of the businesses surveyed in the Argo Cyber Insurance Study claim to provide cybersecurity training for staff, but that figure falls to 35 percent for those with annual revenues below $25 million.
Training employees to secure information, think critically, ask questions, and recognize phishing and other forms of social engineering are easy ways to minimize your vulnerabilities.
3. Failing to update security software
The most prevalent forms of attack (49 percent) the businesses surveyed in the Argo Cyber Insurance Study had experienced were viruses, spyware, malware or other malicious code.
The massive Equifax data breach, for example, could have been prevented with a simple, available patch to a web-application software vulnerability.
4. Leaving laptops and other mobile devices unprotected
A lost or stolen laptop is a treasure trove for attackers, especially if it’s not password protected or if the data on it isn’t encrypted. Security professionals recommend limiting the kinds of data employees can access remotely and also implementing a way to track these devices and remotely wipe sensitive data when necessary.
5. Not having a cyber insurance policy
The Argo Cyber Insurance Study found that a majority of the businesses surveyed (57 percent) haven’t purchased any form of cyber insurance, and only 27 percent are likely or very likely to do so despite ongoing cybersecurity threats.
Cyber insurance could help mitigate potential financial losses and ensure continuity if your network is manipulated. With Argo Pro’s Cyber Tech PROtectSM you can even customize your coverage.