INSIGHTS 2020 |
Protect Your Business from Cyber Security Threats By Jennifer Ritchie |
For a small business owner, the topic of cybersecurity can seem overwhelmingly complicated, but a basic understanding of cybersecurity is considered necessary for running a business, particularly a business with any kind of online presence. But even those companies without an online presence can be quite vulnerable to cybersecurity threats. According to the Nilson Report, as of December 2018, there were 22.11 billion payment cards in circulation, worldwide. Add eWallets to this, the convenience of online purchase and Card-not-Present transactions, and you end up with an influx of potential security gaps that cybercriminals can exploit. Knowing what you are up against is the first step in prevention. According to Cyber.gc.ca and a Juniper Research study, “Fighting online payment fraud in 2020”, the following list shows the main key areas seeing increasing or waves of cybercrime in the payment industry. Cyber-attacks are constantly evolving, but business owners should at least be aware of the most common types. Identity Fraud is the fraudulent acquisition and use of sensitive personal information, such as national identification numbers (e.g., social security numbers), passports and drivers’ licenses. This information enables a skilled thief to assume an individual’s identity and conduct numerous crimes. Phishing is the practice of sending seemingly official emails from legitimate businesses to steal sensitive personal information from customers, such as account login details, passwords, and account numbers. A variation of phishing is SMS phishing (or smishing) where a fraudster sends a text message that asks a mobile phone user to provide personal information such as their online banking password or asks the user to make a phone call to a number controlled by the fraudster and then enter their ATM PIN number or online password. Chargeback fraud, similar to friendly fraud, where a chargeback request is made in spite of received goods and services. While friendly fraud is non-malicious in nature, chargeback fraud is a pre-meditated intention to commit fraud. Malware (malicious software) is an umbrella term that refers to software intentionally designed to cause damage to a computer, server, client, or computer network. Malware can include viruses and ransomware. Ransomware is a specific type of malware that infects and restricts access to a computer until a ransom is paid. Ransomware is usually delivered through phishing emails and exploits unpatched vulnerabilities in software. One of the biggest challenges facing retailers, merchants and payment processors is detecting cyber threats as early as possible and taking action to defeat attacks. So let’s discuss a few simple steps you can take to protect your business. Lock Down Your Login by enabling strong two factor authentication and setting strong passwords. Passwords acts as the keys to your business' preserved data thus should be treated with the utmost care. They should not be left in the open since hackers handle every clue with care, and your passwords are obviously top of their priorities. Keep your operating system, browser, and other critical software up to date by installing updates regularly. Training employees on basic internet best practices can go a long way in preventing cyber-attacks. Employees are still the weakest link in companies fight against cyber-attacks. The point is that if your employees can't recognize a security threat, they won't avoid it. Limit the amount of personal information you share online and use privacy settings to avoid sharing information widely. Use antivirus software and keep it updated. Using an antivirus software is one of the most reliable ways of protecting your company's machines and mobile devices from malware attacks. These tools are designed to detect potentially dangerous content before being launched on your computers. Safeguard your Internet connection by using a firewall and encrypting information. Setting up a firewall is a rather basic recommendation but worth the mention. It's integral in the security of your website since it searches for and blocks malicious traffic on your site. It will also help protect your employees from navigating to potentially harmful websites. Avoid phishing attacks by verifying unknown links, attachments, or emails before opening. Protect sensitive data and back up the rest. This process will save you from losing your clients due to broken trust or reputation damage. It will also protect you from crippling losses in the business, especially if confidential data lands in the wrong hands where they might be used in committing unlawful activities like frauds etc. For more information on how you can protect your business and stay safe year-round, visit: https://cyber.gc.ca/en/guidance/baseline-cyber-security-controls-small-and-medium-organizations Now that you know why cybersecurity is important for businesses of all sizes and the measures in which to protect your business, it’s time to take consideration of potential vulnerabilities in your system and work to strengthen security measures. Your customers and business partners depend on you to safeguard the vital information they put in your hands. By having the correct protocols in place to prevent a cyberattack, you can rest easy knowing you’re doing everything within your power to protect your customers and your business. Works Cited: https://cyber.gc.ca/en/guidance/baseline-cyber-security-controls-small-and-medium-organizations Fighting-Online-Payment-Fraud-in-2020-whitepaper.pdf https://www.sbmarketingtools.com/cybersecurity-important-ever-business/ https://www.business.com/articles/cybersecurity-measures-for-small-businesses/ |