When the leader of one of the world’s largest and most revered businesses uses an absolute, you can bet it isn’t just hyperbole.
“Cybercrime is the greatest threat to every company in the world,” says Ginni Rometty, chair, president and CEO of IBM.
No qualifiers, no exceptions. That’s a pretty bold statement. And the numbers support it.
Cybercrime damage was estimated to total $3 trillion last year, a number that is expected to DOUBLE buy 2021 to over $6 trillion annually, according to Cybersecurity Ventures. That’s trillion, with a “T.” If it seems like you’ve heard more and more about massive cyber attacks lately (think, 500 million Yahoo accounts hacked in 2016, the WannaCry ransom attack on 230,000 accounts in May or the 143 million accounts compromised in the Equifax breach this month, for starters) you’re not crazy. In fact, 94% of lawmakers believe hackers are growing more sophisticated, increasing the risk of a breach, according to a report by Governing.
And it’s not just big businesses or large government entities that find themselves in the crosshairs. Last year, 43 percent of all cyber attacks targeted small businesses with fewer than 250 employees, and 80 percent of small and medium sized businesses do not have basic email or data protection in place.
So, why is there disconnect between a growing threat we all recognize and our actual efforts to do something about it? What is your business doing? If you aren’t sure what you can do, where can you start?
According to the Department of Homeland Security, here are a few things to keep in mind as you take an initial inventory:
- Make sure all of your organization’s computers are equipped with antivirus software and antispyware. This software should be updated regularly.
- Secure your Internet connection by using a firewall, encrypt information, and hide your Wi- Fi network.
- Establish security practices and policies to protect sensitive information.
- Educate employees about cyber threats and how to protect your organization’s data. Hold employees accountable to the Internet security policies and procedures.
- Require employees to use strong passwords and to change them often.
- Invest in data loss protection software, use encryption technologies to protect data in transit, and use two-factor authentication where possible.
- Protect all pages on your public-facing websites, not just the checkout and sign-up pages.
Starting October 4, the CYBER24 podcast will help arm you with more information on the threat your business faces and the steps you can take to protect yourself.