It’s a threat that’s only getting bigger. Globally, Cybercrime is a $12+ billion industry! Cybercriminals have consolidated and are very well funded. Think of it as the virtual mafia of today’s digital age. There’s now larger, yet fewer, cybercrime organizations.
As businesses increasingly go to the cloud and people shift more of their lives online, the risk of hackers stealing data has grown exponentially. I’ll be the first to admit that I think the cloud is the best thing since sliced bread. The fact that I can back up all my data without having to event think about it everyday gives me tons of peace of mind. Ever since losing an entire paper during a hard drive crash during my Doctoral program I’ve relied heavily on the cloud storage. But, we can’t ignore the downsides to this type of data storage and sharing either. Case in point with Sony.
Vulnerability
Smaller organizations are certainly more at risk to cybersecurity breaches due to:
- Fewer levels of awareness
- Less in-house IT expertise
- Fewer layers of protection
- Fewer policies regarding cybersecurity
If a cybersecurity breach of such a magnitude can happen at Sony, you can only imagine what can happen with smaller companies and organizations.
Cybersecurity Tips: What You Can Do
To start locking down your data and protecting your organization, here’s some cybersecurity tips you can implement immediately.
Create a Cybersecurity Policy
- Use strong passwords and change them often. I know it can be a real bear to keep up with this, but think of the potential ramifications if you don’t. Have all passwords contain a variety of characters, upper and lowercase, numbers, and the like. For example instead of Mycompany1 do something like YellowuNicorN#_!3 Check out better ways to manage passwords (I know who can just remember all of ‘em yet where so we put ‘em???)
- Educate employees on Cybersecurity policies & best practices; share cybersecurity tips with everyone on your team
- Reward employees for adhering to Cybersecurity policies and best practices. For example, track who does change their passwords and keeps them complex and reward them with a gift card.
- Punish those who don’t follow policies. I’m normally very against any type of punishment in management and leadership. BUT, in this case where it’s really a “life or death” type of situation when it comes to a business, assets, and data, it’s quite serious. If someone fails to update passwords or adhere to policies, follow your company’s HR protocol for progressive discipline.
- Get buy-in. This starts from the top and goes down. The company CEO, President, or Founder needs to support and roll out the cybersecurity initiatives.
- Controls need to be in place and handled by the appropriate teams and individuals with expertise. If you cannot bring the right type of team in-house to do this, then invest in outsourcing to a reputable cybersecurity company.
- Malicious codes and anti-virus software must be installed on all computers. And, don’t let it expire! I know I’ve been guilty of this in the past. You start to just “x” out of the anti-virus expiration notices flashing on your screen. We always think… eh, it won’t happen to us…
- Continue to build policies over time. Send a few of your employees, HR, IT, or executives to a cybersecurity training or conference at least once per year. Staying on top of information and tactics is everyone’s business, not just the anti-social IT guy in the basement.
I know this is all rather terrifying and can lead to not even wanting to deal with the internet. But, above all, remember not to live in fear. How many billions of sites are out there and how many gazillions of gigs in cloud stored data? If you take proper measures and keep up with it, then luck will be on your side a lot more than if you didn’t.