Seaside National Bank & Trust Offers
7 Tips to Protect Your Business
If it seems the need for cybersecurity is growing, that’s because it is. The number of consumer records exposed through data breaches rose 126% from 2017 to 2018, according to the 2018 End-of-Year Data Breach Report, a 180-page document released by the nonprofit Identity Theft Resource Center.
Large organizations aren’t the only targets for cybercriminals. The 2018 Data Breach Investigations Report by Verizon found that 58% of all data breaches occurred at small businesses.
Seaside National Bank & Trust, a $1.9 billion Orlando-based full-service financial institution with 14 locations in Florida, is taking cybersecurity seriously. It recently partnered with the law firm of Lowndes P.A. and the Orlando office of the national accounting firm BDO USA LLP to host a cybersecurity seminar for clients who left with seven financial tips to help protect their businesses:
- Develop IT security policies. A basic plan includes multilayered endpoint security, network security, encryption and strong authentication technologies. Look into the information technology (IT) security policies of your vendors to help ensure they don’t expose you to unnecessary risk. You may want to hire a reputable cybersecurity firm to review your potential vulnerabilities and possibly manage your IT security if you don’t have sufficient internal resources.
Train employees and enforce strict internal controls. In its 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, solutions provider Keeper Security and research firm Ponemon Institute found that 54% of IT leaders reported negligent employees or contractors were the root cause of data breaches they experienced. Create policies for strong password creation as well as email and social media use. Ensure employees are aware of the policies — and the consequences of failing to adhere to them.
Consider carefully the data you collect and store. The more sensitive information you keep, the greater the risk to you and your customers if a breach occurs. Encrypt the information you must keep and restrict access to only those who need it.
Monitor, monitor, monitor. Although your current procedures may be effective, hackers come up with new and ingenious ways to attack data every day. Your IT team should constantly monitor IT security using automated and manual checks and react immediately should a threat be suspected or detected.
Create a response protocol. Your IT team — along with input from other departments such as human resources, marketing, corporate communications, legal and management — should have a policy in
place for reacting to cyberthreats. This includes stopping them, correcting internal policies and communicating with the public when necessary.
Use the latest technology. For example, many businesses replaced magnetic card readers with more secure chip card readers by Oct. 1, 2015, to comply with EMV standards set by credit card companies. Those that have not updated their terminals may be liable should counterfeit fraud occur. About two years after the recommended transition to chip readers, half of all merchants were still unprepared for the change, leaving their customers and themselves vulnerable to data breaches, according to research by Creditcards.com.
Purchase cyber liability insurance. IBM Security’s 2018 Cost of a Data Breach report found that the average cost of each record stolen in a data breach was $148, which adds up quickly if you have a large customer base. Talk to your risk management and IT teams about the impact of potential breaches to determine the type of coverage your organization may need. Consider covering costs associated with a breach, the expense of updating or replacing business assets, business interruption, liability and/or cyber extortion or cyber terrorism.
Although there are no guarantees, taking commonsense measures can help protect your business from a cyberattack. Seaside suggests you talk to your banker today about cybersecurity and fraud. Share your internal processes and procedures for payments with your banker, so he or she can offer your business ideas based on the bank’s experience. Also, ensure that you know how to use the fraud defense and protection systems your bank offers.
Cybersecurity is a shared responsibility. We all need to ask questions, continually train our associates and do our collective part to protect our businesses and personal accounts from cybercriminals. ■