Cybersecurity: 7 Ways to Protect Your Electronic Data

Electronic data breaches and ransomware attacks have, unfortunately, become a fact of life.  In fact, cyber-attacks occur every 39 SECONDS!!! The number of data breaches and ransomware attacks escalated to record levels in 2020 with an estimated $6 Trillion in damage attributed to cybersecurity crime.  In fact, Secretary of Homeland Security Alejandro Mayorkas noted that the number of ransomware attacks in the United States rose more than 300% during 2020. Ransom payment demands likely surpassed $50 Million in 2020 – with the average ransom demand reaching $175,000.  The cybersecurity threat shows no signs of slowing down as the May 2021 ransomware attack on the Colonial Pipeline – which supplies 45% of fuel to the East Coast- forced the pipeline to shut down for six days and cost Colonial Pipeline Co. $4.4 Million to pay the ransom. 

Cyber-attacks are not just threatening large corporations and government entities either.  According to the Hiscox Cyber Readiness Report 2021, the average financial cost of cyber-attacks to small businesses in the United States reached a high of $25,612.  The report also reveals that 23% of small businesses in the U.S. suffered at least one cyber-attack in the last year.  In addition to ransom payments, businesses in the U.S. may also be forced to pay substantial fines or penalties for the release of customers’ personal information.  Businesses also must cope with the bad publicity that follows a cyber breach.

Preparing, educating, and training your family, employees, suppliers, and clients about the cybersecurity threat has never been more important. As the pandemic struck, 63% of small businesses shifted employees to remote work or “work from home” models.  Sadly, many people do not take simple steps that would make it harder for hackers to gain access to online information - such as bank information, Social Security numbers, and sensitive organizational information.

Fortunately, there are several things you can do, quickly and easily, to keep your data more secure. While it is impossible to guarantee complete security, putting up roadblocks might encourage potential hackers to move on to a different target - akin to a burglar choosing an obviously unoccupied home over one with the lights on.

Here are a seven things experts recommend to better protect your business or personal information:

1. Cyber Risk Management. Purchase Cyber Liability Insurance to help spread the risk. Most cybersecurity experts recommend purchasing a standalone Cyber policy.  Saunders Insurance Agency offers standalone RPS Cyber policies from BCS-Lloyds of London, Axis, and Hiscox with coverage limits starting at $500,000-$1,000,000.  Standalone Cyber policies offer expanded coverages such as Medica Liability, Cyber Deception, PCI-DSS Assessments, and Reputation Business Income Loss.  However, there are other options to share your cyber risks. Most insurance carriers offer Cyber Liability and/or Data Compromise coverage that can be endorsed to your Business Owners Policy or Commercial Business Package. These endorsements usually offer coverage limits starting at $25,000.  Insurers, such as Auto-Owners, now offer Home Cyber Protection for computer attacks, breaches, cyber extortion, and fraud that can be endorsed onto your Homeowners policy. Most cyber endorsements offer three important coverages:
• Cyber Coverage protects businesses against damage to electronic data and computer systems from a virus or other computer attack. It also protects a business’s liability to 3^rd parties that have suffered damage due to security weaknesses in your business’s computer system.
• Data Compromise coverage designed to help businesses cover the costs to notify and assist clients, employees, and others following a breach of personal identifying information. Data Compromise Defense and Liability coverage responds to 3^rd party actions brought against your organization by individuals affected by your data breach.
• Identity Theft Recovery Expenses for your business’ owners or key individuals to help restore their credit history and identity records to pre-theft status.

2.      Add Antivirus & Anti-Malware Software to protect all your systems and your devices- including tablets and cell phones- from threats that can cause system crashes, improper performance of programs and reduction in memory.

3.      Stay Up to Date on Internet Security. It is important to establish a process or procedure to install the latest security updates, applications, browsers, mobile devices, and web plugins. If your device offers auto-update feature, use it!

4.      Use Stronger Passwords. You should also try to create complex passwords using a combination of special characters, numbers and odd phrases that aren’t easily guessed. Instead of "mike2013," for example, remember something like "In 2013, Mike broke his leg in Omaha" and translate it into "i13MbhliO!" Password-management software can help, too; these programs generate strong passwords for you and require you to remember just one master password.

5.      Use multi-factor authentication. Many companies and online service providers offer this feature, which forces you to provide verification beyond a password to sign in. You should also restrict administrative rights on your desktop computers and/or laptops and disable remote desktop protocols (RDPs) to prevent another computer to connect over your network connection.

6.      Education Against Phishing Scams. We've all gotten calls or messages that were clearly scams, such as when the "IRS" calls to say you're going to be arrested if you don't immediately make a payment via credit card. But they're not "clearly" scams to everyone, and if someone happens to send you an email that is plausible because of your present situation, you could be fooled, too. Unless you are absolutely sure about the person or company you're dealing with, don't give out personal or financial details on the phone or via email. If you have a question about someone’s authenticity, type the organization's web address into your browser (don't click links in an email or use an address provided by a caller). Then call or email back using the information on the actual website or get the correct contact information from your account statement.

7.      Back Up Your Data. In the event of a cyber-attack, the ability to quickly restore your business’ information from backups may be vital. This is also important in case your device is stolen. Some devices and platforms have a feature that allows you to erase everything remotely if needed, so consider enabling that if available. Always fully wipe old devices before selling or recycling them. Simply deleting files is not enough - check with the manufacturer and learn how to completely erase all your information.