Risk management is a constant balancing act between productivity and security, and yet, savvy business owners understand that resilience strategies inevitably lead to a stronger, more competitive organization. With significant risks on the table such as loss of customer trust, loss of critical information and network capabilities, financial damages, and an abundant amount of inconvenience, Utahns simply cannot afford to ignore cyber risks. The Salt Lake Chamber Cybersecurity Leadership Council highly encourages every business, of every size, from every industry to implement cybersecurity precautions into their business model and consider the following tips:
- Create an organizational culture to support cybersecurity
There is no silver bullet to ensure total cybersecurity. Rather, it is a continuous process that requires support and awareness from every employee within an organization. Everyone has a role to play, from the CEO down to each and every department. Consider developing an information security policy that employees sign off on in their employee handbook, having HR oversee regularly scheduled cybersecurity training, and ensure that cybersecurity education is prioritized in your business. For instance, do your employees know how to identify a phishing email? Do you know how to identify a phishing email? Test yourself here.
- Take an inventory and identify your most valuable assets
Every business, from the smallest mom & pop shops to the largest corporations have essential data they use to function. In order to prioritize where you spend your time and money to defend yourself, you need to know what your critical assets are. Once your inventory is complete, consider backing up essential data or properly discarding sensitive information that you no longer need. Also, remember that if you are collecting the personal information of your customers, you are obligated to protect it. To guide your inventory process, please see the GAP assessment available at the MEP Center website.
- Understand the threats that exist
Cyber crime is continuously evolving and new innovative ways to undermine your business are always being created. Take some time to understand common cyber attacks so you can anticipate likely scenarios. Afterwards, continue to stay updated as new forms of cyber attacks arise. For example, oftentimes cyber criminals take advantage of vulnerabilities in your network that already have solutions or ‘patches’ available. Knowing this, you should install updates to your software as soon as they are available to protect yourself against opportunistic criminals that will target outdated systems.
- Take advantage of the resources available to you
Cybersecurity may feel ambiguous and intimidating at times, but every business should recognize that there is a wealth of information and resource available to support them. You are not alone in this fight! Visit slchamber.com/cyber and peruse our Toolkit, and follow the Chamber’s Twitter for current threat levels. On March 27, 2019 the Salt Lake Chamber Cybersecurity Leadership Council will be holding their 3rd annual Cybersecurity Conference to provide businesses with the knowledge and tools they need to be successful. Don’t approach this issue alone. Reach out to reliable sources that can assist you.
- Implement basic controls
Simple solutions can have an incredible impact on your cybersecurity status. There are many quick, easy actions you can take this month that will dramatically decrease your vulnerability. Think to yourself, is a house with locked doors, closed windows and a barking dog more likely to get robbed or it is the house with the door wide open and unattended more at risk? Figuratively ‘locking the door’ may be a simple action that doesn’t take a long time to achieve, but you are much harder to victimize if you take that simple step. There are many quick tips you can apply, but here are a few to get you started:
- Check to see if a website starts with https, which signifies that the data you put on the website is encrypted. If a website doesn’t start with https, don’t give them confidential information.
- Set strong passwords, don’t share your password with others, and don’t use the same password for multiple sites. Click here for guidance on setting strong passwords.
- Enable two-factor authentication on your bank accounts and other important logins.
- Lock your devices when they’re not in use including your phone and computers.
- Disable Bluetooth whenever you’re not actively using it.
- Never use a USB whose source you don’t know, as it could have malware installed on it.
- Be careful when clicking on attachments or links in email. If it’s unexpected or suspicious don’t click it.
- Backup your important data in case it is damaged, stolen, or held for ransom by cyber criminals. Make sure to test your backups regularly.
- Limit the amount of information you’re sharing on social media and set strict privacy settings.
- Be wary of public WIFI and never do any shopping, banking, or sending of sensitive information from a device that isn’t yours or on a network that isn’t yours.
To learn more about the Cybersecurity Leadership Council visit slchamber.com/cyber