Firstly, what is Cybercrime?
Cybercrime is any crime that primarily takes place online. It can range from security breaches to identity theft. It can include cyber-stalking, harassment and bullying, child exploitation and sexual abuse.
Cybercrime is rapidly evolving. With new threats every year, the different types of cybercrime affecting businesses are staggering. While it’s a scary thought, there are many ways to protect your business.
10 steps you can take to protect your business from Cybercrime:
1. Back up your data
Regularly backing up your business data and website is vital to quickly recovering from a cyber-attack or other computer issues. Using more than one way to back up your data is also essential.
An excellent backup system typically includes the following:
- daily back-ups to a portable device and or cloud storage
- end-of-week server backups
- quarterly sever backups
- yearly server backups
While it’s great to back up your data regularly, check every so often that you can restore the data from your backup. There’s no point backing up data if you cannot retrieve it following a cyber-attack or computer breakdown.
Make it a habit to back up data on an external drive and store them away from your business premises. It ensures you can quickly restore data in case of a robbery or other damage to your business premises.
2. Secure your devices and network from Cybercrime
Installing a security software program on business computers helps prevent the spread of viruses across and beyond your internal networks. When installing software, it’s a good idea to check that you have adequate anti-virus, anti-spyware and anti-spam filters.
3. Turn on your spam filters
Spam and phishing emails are popular tools criminals use to trick you into sharing private information. When you click on or open the seemingly genuine links or attachments within the email, they can infect your computer with a virus.
Installing or activating spam filters helps reduce the number of spam and phishing emails your business receives. It’s a great way to reduce the risk of you or your employees opening spam emails by mistake.
4. Use multi-factor authentication
Multi-factor authentication (MFA) is an extra layer of security you can use when logging into web-based accounts. MFA asks for two or more proofs of identity to access your account. It’s usually a 6-digit code sent to an email or mobile phone that you must enter at the second stage of logging in.
For example, an app or website will first ask you to enter your login details – username and password. It will then send you a 6-digit passcode to your mobile device or email to enter to complete the login process.
5. Encrypt important information
What does encryption do? Encryption converts your data into a secret code before sending it over the internet. Why? It reduces the risk of your data being subject to theft, destruction or tampering.
If you use public networks often (such as a library, cafe, or airport Wi-Fi), installing a virtual private network (VPN) on your device is a wise investment. Additionally, turning on network encryption to encrypt data stored or sent online is essential.
6. Manage passphrases
What is a passphrase? A passphrase is a password that is a phrase or a collection of different words. Think of it as a small sentence or statement. They’re simple for humans to remember yet difficult for machines to crack.
A secure passphrase is:
- Long. Ideally, 14 characters long, or four or more words.
- Complex. Include capital letters, lowercase letters, numbers, and special characters. A good tip is to swap vowels for symbols.
- Unpredictable. While tempting to use, your children’s names, pets, or Mother’s maiden are easy passwords to obtain and hack!
While it’s difficult to remember many passwords, it’s best to use a unique passphrase for each online account. While a simple sentence makes a good passphrase, a group of unrelated words is more robust.
A good tip is to swap specific numbers, words or symbols for each passphrase. It’s a good idea to update your passphrase often, such as when you back up your data.
7. Put Cybercrime policies in place for staff
Develop a cyber security policy to help staff understand their role in reducing the likelihood of Cybercrime. A policy is essential, especially with more team members working from home these days. It protects your business by setting out acceptable practices for using or sharing data on computers, devices, emails and internet websites when working in the office or at home.
8. Train staff to be cautious when using the internet
Team members must know how to identify a potential threat and understand their role in keeping your business safe. With the correct training and awareness, staff can help prevent cyber-attacks.
They should know how to:
- maintain good passphrases
- identify and avoid cyber threats
- take action when they encounter a cyber threat
- report a cyber threat promptly
9. Protect your clients and customers
Clients and customers are essential for business success, so keeping any data you hold about them secure is vital. If you lose or compromise their information, it can damage your business’s reputation by opening up their business to potential cyber-attacks. If that happens, there may be legal consequences.
Some laws specify what you can do with the personal information you collect from your customers and clients. Therefore, you should ensure your business invests in and provides a secure online environment for transactions and customer data storage. Contact your legal adviser for details.
10. Invest in Cybercrime insurance
The impact of a cyber-attack is often widespread. For example, the effect of the recent Optus data breach was far-reaching. It impacted the company, its reputation and many customers by exposing customer data to criminals on the dark web.
The cost of dealing with a cyberattack is often more than database repairs, security upgrades or laptop replacement. Despite our best intentions to prevent attacks, mistakes happen, and security breaches occur. We’re human.
With the number of cyberattacks on the rise, we recommend that all business owners have a cyber insurance policy to help cover the financial costs of cyberattacks, whether it be legal advice, computer replacements or legal defence costs.
Combining regular tech and software upgrades with cyber insurance is a simple way to protect your business.
It’s safe to say the internet is here to stay. It’s now an integral part of our day-to-day lives. If you remain vigilant and actively protect your business, you can continue to enjoy all the internet’s wonders!
For more information on Cybercrime insurance, contact Clear Insurance today for a risk review.
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.
Clear Insurance Pty Ltd. ABN 41 601 916 689. AFSL No. 548953.