The importance of data security to company operations is no secret to any business owner. As manufacturing enters a digital era, a company’s cyber security is a more vital consideration than ever before. The effect of compromising sensitive information such as customer transactions or employee records can be devastating.
Cyber security is particularly daunting for the small and medium-size enterprise sector due to more limited technical knowledge and budgets. Cyber criminals tend to target this sector for these very reasons. Vulnerability can lead to loss of critical information, damage to information or information systems, decreased productivity, damage to reputation, regulatory fines and penalties, loss of clients’ trust, legal fees, loss of income, and more.
A data breach costs companies in the US an average of $60,000 according to recent research by NetDiligence. Dealing with cyber attacks is an arduous and time-consuming process, not to mention costly. The steps listed in this article will help ease that effort.
1. Learn How Attacks Occur
Understanding cyber attacks and threats is important, and knowing how attacks occur is even more so. Usually, attacks are a combination of shady tactics aimed at somehow altering a computer user’s behavior. Phishing is a typical example. Worms and viruses are used to trick people into downloading malware or giving certain information away.
2. Learn What They Look Like
You and your company risk becoming the victim of a cyber attack by downloading videos, apps, email files, or music files containing malicious code. Criminals often target file-sharing services, through which people download films, books, or TV programs for free. As soon as you open the file, the Trojan horse, worm, or virus infects your computer and starts spreading across the network. This is particularly damaging to businesses that communicate via intranet.
A cyber attack might be a message that looks like it’s coming from a payment processor, your credit card issuer, or your bank. It appears urgent and includes a link to click on. Every time you get an email like this, take a good second look at it. The message will inevitably prompt you to provide personal data, which a legitimate company would never ask for.
If the message is poorly written – for example poor syntax, typos, etc. – it might be indicative of an impending attack. That said, bad spelling or grammar is no guarantee it is one.
Drop in Internet Speed
Another sign that you might be under attack is a sudden drop in internet speed. This was how authorities got wind of a breach, the biggest cyber attack in history, back in 2013. Spamhaus, a European spam filtering organization, was the unsuspecting target. To protect e-mail providers from fraudulent and malicious mail, the company had generated a blacklist of servers used by spammers to send messages. Shortly before the attack, Spamhaus had added hosting company CyberBunker’s ISP to the list. CyberBunker retaliated by unleashing a plethora of distributed denial-of-service attacks upon Spamhaus, which were so forceful that the site went offline.
The attacks also caused a drop in Internet speed affecting hundreds of thousands of users. The widespread Internet congestion began on March 18, 2013. The nonprofit spam filtering company was overwhelmed with traffic and turned to a security firm to bring its site back.
The attackers continued flooding their victims with traffic over the next weeks. Traffic on a scale of 50 Gbps can normally take a site down. The traffic directed at Spamhaus exceeded 300 Gbps. It was hard to stop or even slow down the attack without turning off different servers across the globe because traffic would come from literally every part of the world. Turning these servers off would have meant bringing the Internet to a grinding halt.
3. Form a Response Team
You should know in advance who to turn to if your company becomes the victim of a cyber attack. Once you realize what has happened, form an incident response team without delay. This team should include or represent all parties or groups involved, for example:
- Data protection experts if the attack involves personal data
- A technical team to investigate the attack
- If the attack affects staff, HR and staff representatives
- PR representatives
- Intellectual property specialists to recover stolen data
- Marketing experts to help minimize brand impact
Whatever the case may be, at least one of the above groups should be involved. If your internal teams do not possess adequate skills or capabilities, you will need to bring external representatives in.
It’s advisable to include external counsel or representatives of your company’s legal team or department (for bigger companies). All cyber attacks have legal implications, so it is of paramount importance to the company to get legal advice within the shortest time frame.
As part of this, you will need to check if your company’s insurance covers losses stemming from a cyber attack. If you have a business insurance policy, it will be necessary to review it to find out if the insurance provider has to be notified of the breach. Many policies cover remedial and legal costs from the date notification is received.
4. Protect and Resist
Be prepared to protect your company and resist cyber attacks. Measures you can take include routine application and operating system patches, limiting your staff’s access to data and information, setting up email and web filters, installing uninterruptible power supplies (UPS) and surge protectors, conducting staff training on a regular basis, and encrypting sensitive business information. Experts also recommend having software and hardware firewalls installed and activated on all business networks, disposing of old media and equipment safely, and securing your wireless access point and networks.
5. Identify the Details
You have to identify the source of the breach, its scope, and its impact as fast as possible. If not, you’re unlikely to arrive at an effective action plan. If the attacker is a former staff member, try to identify their motives and establish what network access level they had. If the attackers obtained personal data, talk to your employees to find out what information they divulged.
6. Secure your Systems
Securing your IT systems to contain the breach is a key step in ensuring business continuity. To prevent further damage, your company might, in the worst case, have to suspend its entire network. In many cases, compromised network sections will have to be temporarily suspended or isolated. Unfortunately, this can be costly and disruptive to company operations.
You also need to consider when and how the breach was identified and whether the damage has extended to any other systems. Companies should have appropriate measures in place to make sure that network intrusion is detected as soon as possible.
7. Initiate an Investigation
To establish an official record of the breach, file a report with local police. This will be an advantage if legal proceedings are initiated in the future. Online crimes can also be reported to the Internet Crime Complaint Center or the United States Secret Service Electronic Crimes Task Force. The Federal Trade Commission handles matters of identity theft at the national level.
Your company management may wish to launch a formal investigation after your network has been secured. Try to identify any security weaknesses, how the hackers gained access, the extent of damage inflicted, the legal options open to you, and whether you can trace the identity of the perpetrators. If you believe the attack originated from an insider, it’s imperative to conduct a system audit.
8. Make a Public Announcement
Not all cyber attacks become public, nor should they, but it’s inevitable in some cases. If your company is in the public sphere or is customer-oriented and your clients’ personal data has been compromised, it’s best to be open about the issue. Needless to say, honesty is the best policy where data protection legislation mandates you notify the affected individuals. Being open, accurate, and honest is very important in order to manage PR effectively.
9. Fix Customer Relationships
Even if their data is safe, your clients will likely be concerned. Again, openness and honesty are key. Keep clients updated and communicate openly. Share all news about what measures your business is taking to boost security and eliminate network vulnerabilities to prevent future attacks. It’s the least you can do to make sure you contain damage.
To be prepared for a cyber attack, take measures to continuously build your cyber skills. Don’t forget that hackers’ methods are constantly evolving to adapt to enhanced security. They are relentlessly pursuing new ways to circumvent security systems. Their techniques are becoming more and more sophisticated.
Guarantee Reliable Cyber Security
Given everything else small and medium-size enterprises have to deal with, network and information security is understandably not a top priority. This is regrettable, as a cyber attack can prove detrimental to your operations, partners, and customers. Establishing a reliable cyber security system to protect your assets is now more important than ever.