There’s no denying the fact that cyber crime is rising. According to the Australian Competition and Consumer Commission’s Targeting Scams 2019 report, Australians lost over $634 million to scams in 2019. One of the biggest victims of online scams were businesses, who lost $132 to email compromise scams.
And these are just online scams – other cyber crimes, such as ransomware attacks, can be just as, if not more so, malicious. According to an article by the Australian Financial Review, when quoting a global cyber crime report, disruption increased by 48% in 2020, increasing the businesses exposed to 64% of Australian businesses.
It is also evident that even large, multinational companies and governments with stringent security protocols and teams are not averse to cyber crime. Microsoft, eBay, Apple and national governments are just some organisations that have made headlines for being victims of cyber crime in recent years.
If any part of your business is dependent on the internet (think emails, or even employee or director phones, for example), then you have already exposed yourself to the risk of cyber crime. This may then inspire you to ask: if even large institutions can be victims of cyber attacks, is there any hope for a business like mine?
The good news is that there are simple, cost-effective strategies that many companies are now employing to reduce their exposure to cyber attacks. Though they will never be 100% bullet proof, they can serve as a start for any business looking to improve their cyber security.
Here are three cost-effective strategies that companies are implementing to safeguard against cyber risks:
1. Two-Factor Authentication
This form of authentication has recently gained in popularity – if you use any popular email platforms such as gmail, then this may be familiar to you.
The aim of two-factor Authentication, or 2FA, is to provide a significantly more secure login than a traditional one-password login.
How it works: traditionally, to login to a website, you were only required to login with a username and password.
With 2FA, you will need to not only enter a password when logging in, but also use another device to verify your login. For example, you may be required to enter a unique code generated by an Authenticator app on your phone before you can login, or enter a code sent to your email or phone before logging in.
Basically, 2FA adds another extra layer of security to your login, should your existing login credentials be compromised.
To strengthen the login process, companies are also using CAPTCHA (Completely Automated Public Turing test) technology to safeguard against suspicious logins. Essentially, CAPTCHA technology helps a website differentiate between a real human trying to login, rather than an automated and potentially malicious bot.
There are several forms of CAPTCHA, with some popular ones involving login screens requiring users to match various photos with words, solve simple maths problems or record a string of characters presented on a screen.
2. Data backups
There’s plenty of evidence that demonstrates that a cyber attack can significantly damage or completely ruin a business.
As a business, you bear the risk of losing all, or a portion of your important data, from a cyber attack. The data could be personal data, classified data, client data, sensitive emails, a complete website or anything else stored digitally. This data could be corrupted or even used against you in a ransomware attack. JBS, a leader in meat processing, for example, recently paid a $14.2 million ransom to cyber criminals in order to safeguard their data.
There are several ways to backup your data, and if you are not an IT professional, it may be beneficial to engage the advice of some backup security experts. For example, there are some strategies that suggest you store backups of your data in at least three different locations and in two different formats (such as through local servers or the cloud). Many companies now also use encrypted backups in offsite locations.
3. Cyber insurance
If you were to take any of the examples above as evidence, it is clear that whatever the size of your company or security team, you will always be exposed to certain levels of cyber risk. Even a robust security system has holes that cyber criminals can take advantage of.
This is where Cyber Insurance can be a crucial, yet surprisingly cost-effective tool to safeguard your business in the event of a cyber attack. In the event of a cyber attack, the right cyber insurance policy can cover your financial losses associated with that attack. For example, a good Cyber Insurance policy may be able to provide you cover for:
- Financial losses associated with cyber theft
- Profits lost as a result of cyber attacks
- Penalties and fines imposed upon your company for breaching privacy regulation laws
- Losses that are payable to other parties as a result of breaching their privacy
Implementing two-factor authentication, backing up your data and considering Cyber Insurance are just some examples of what you can do to improve your company’s cyber security.