Sooner or later, every organization (even small businesses) will experience a security incident, especially since cyberattacks from phishing and social engineering are only getting worse now that so many people are working from home. That is a statement from Nick Santora, the Chief Executive Officer of Curricula, an organization that provides cybersecurity training to a variety of small businesses. The key, according to Mr. Santora, is knowing how to respond to that incident.
In the unfortunate event there is a breach, Nick Santora advises three steps to use in an Incident Response Plan: Identify, Classify, and Respond. The first thing you should do in the event of a cyber incident is to report it to the appropriate parties. They can review and analyze what happened and move forward with responding to the incident. The exact number of steps in your plan may vary, but the goal is to limit the impact of a security incident.
The Basic Steps to an Incident Response Plan
Identify: This is often the first step and explains how to properly recognize whether there is an actual security incident or not.
Classify: This step aims to determine which systems or services are being affected as a result of the incident.
Respond: This step outlines how to contain the incident and what specific instructions are needed to restore operations.
Part of your incident response plan should cover how to communicate an incident, even to those outside your organization. Consider the impact an incident could have on your customers, how you would work with law enforcement, and how you would communicate this on social media or to the press, if needed.
On a smaller scale, Santora advises businesses to be more mindful with digital communication tools such as email. For instance, hackers use a variety of social engineering tactics, especially over email, creating a sense of urgency to convince a person to act, whether by clicking a link or by giving up their credentials.
In some cases, hackers use external email addresses that mimic a trusted source you are familiar with. These email domains look similar to the real one but may include misspellings, hyphens, and other modifications to gain your trust. If you receive an email with the subject line ‘Urgent’ or ‘Action Required’, don’t open it. Notify your management team, IT, or any other involved parties right away.
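As an added example (not from the article or from Curricula), here is a small Python check of the kind a mail filter or help desk could run on a suspicious message: it flags a sender domain that resembles a trusted one once hyphens and common character swaps are stripped, and a subject line that leans on pressure language. The trusted-domain list, the substitution table and the phrase list are constructed assumptions to be replaced with your own.

```python
import re
from typing import List, Optional

# Constructed trusted-domain list for this example; use your own vendors,
# partners and internal domains in practice.
TRUSTED_DOMAINS = {"example.com", "payroll-vendor.com", "mybank.com"}
# Disguises lookalike domains lean on (assumption: a small hand-picked set).
HOMOGLYPHS = {"rn": "m", "vv": "w", "0": "o", "1": "l", "3": "e", "5": "s"}
URGENT_PHRASES = ("urgent", "action required", "immediately", "suspended")


def normalize(domain: str) -> str:
    """Undo the usual disguises: hyphens, digit-for-letter and letter-pair swaps."""
    stripped = domain.lower().replace("-", "")
    for fake, real in HOMOGLYPHS.items():
        stripped = stripped.replace(fake, real)
    return stripped


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance, keeping one row of the DP table at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain: str) -> Optional[str]:
    """Trusted domain this sender imitates, or None if it is trusted or unrelated."""
    if domain in TRUSTED_DOMAINS:
        return None
    for trusted in TRUSTED_DOMAINS:
        if edit_distance(normalize(domain), normalize(trusted)) <= 2:
            return trusted
    return None


def assess_email(from_header: str, subject: str) -> List[str]:
    """Flags a reader or mail filter can act on before anyone clicks a link."""
    flags = []
    match = re.search(r"@([A-Za-z0-9.-]+)", from_header)  # domain after the '@'
    domain = match.group(1).lower().rstrip(".") if match else ""
    target = lookalike_of(domain)
    if target:
        flags.append(f"sender domain {domain!r} resembles trusted {target!r}")
    if any(p in subject.lower() for p in URGENT_PHRASES):
        flags.append("subject uses pressure language")
    return flags
```

The distance threshold of 2 is deliberately loose for short domains, so treat a hit as a reason to pause and verify with the sender out of band, not as proof of fraud.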
With this in mind, we talked to some of our peers from various industries to learn how they, in their own way, protect their small businesses from cyberattacks. Below are their views on the subject:
Limit Employees’ Access to Sensitive Data, says Jennifer Willy of Etia
Due to the novel coronavirus (COVID-19), most workers are working from home, and more than 40% of American employees are working remotely. And this has been profitable for both employers and employees. But data security is one issue that has become very problematic.
In an office setting, data is protected by various official security measures, but while working from home, a data breach is possible because of compromised systems. To remedy this, we shouldn’t allow employees access to important data. They should be ensured by physical location.
Secondly, there should be a policy that employees cannot work over public Wi-Fi. Their private connection should be protected by a strong, hard-to-crack password. Lastly, the company should provide an antivirus program installed on their systems.
Educate the Workforce When It Comes to Cyberattacks, shares Tal Shelef of Condo Wizard
Inform and train all your employees regarding cyberattacks. All it takes is one unsuspecting employee and your whole system can be compromised. Training them on how to safeguard information is one good way to help protect your small business from cyberattacks.
Employ Passive, Somewhat Effortless Cybersecurity Measures, claims Phil Leslie of Havoc Shield
One of the best ways for small businesses to stay safe from cybercrime is to implement passive measures that require little-to-no ongoing effort from the employees: automatic phishing simulations, DNS filtering, antivirus, automated web vulnerability scans, etc. These are items that can be arranged/scheduled in a way that takes very little proactive effort and continue to provide benefits well into the future. Just be quick on your feet if you get an alert about a new vulnerability or incident uncovered by these tools.
Another thing is to raise employee awareness, as it plays a huge role in small businesses staying safe from cyberattacks. Whereas enterprises have dedicated cybersecurity staff with all manner of tools and training, small businesses often feel rushed into doing what they can afford with the little time they have, and that puts much more pressure on employees to be able to sniff out fraudulent email requests and other scams.
In the end, Nick Santora reiterates that your role in responding to security incidents can vary greatly depending on your position. When required, you should be able to quickly identify where your organization’s Incident Response Plan is located and how to access it.
In your case, how do you protect your own small business from different cyberattacks? Be sure to leave a comment down below and help inform our loyal readers.