Part one of a two-part article series.
“Everyone has a plan until you get punched in the nose.” Mike Tyson
Cybersecurity has never been more important. According to Accenture, the frequency of data breaches has increased by 67% since 2014, and that number continues to rise. Because of the increasing number of cyberattacks in the financial sector, 70% of financial organizations rank cybersecurity as their biggest concern. Financial services companies need to dust off their cybersecurity policies to ensure they’re effective in protecting the organization against today’s security threats. Education, integrating software, and implementing procedures lead to a stronger defense, which can protect the firm, its client’s data, and its reputation. Outlined below are three strategies we have implemented at Socium that companies can adopt to ensure they’re cyber-ready.
1 | Build Security Awareness
The words, the best defense is a good offense, ring true with cybersecurity readiness. Phishing attacks are responsible for more than 80% of reporting security incidents. According to CISCO’s 2021 Cybersecurity Threat Trends report, about 90% of data breaches occur due to phishing. The shift to remote work appeared to increase both the occurrence of phishing attacks and the cost of data breaches.
To minimize the chances of falling victim to a data breach or economic loss through a phishing attempt, companies can provide comprehensive cybersecurity awareness training to ensure all team members are educated on what they can do to prevent a cyberattack. Teaching employees how to spot suspicious emails and text messages, as well as sending frequent reminders to practice good security will reduce your organization’s chances of being breached.
2 | Stay Vigilant
In the present climate, staying aware is one of the best strategies to protect a firm against cyberattacks. So, what does this mean? Although best practice, staying vigilant stretches far beyond taking a pause before clicking on a link in an email. It includes crafting a strong cybersecurity policy that identifies specific measures companies and employees can employ to assist with putting up a solid defensive wall. Effective tactics include:
- Installing a strong spam filter;
- Enabling multi-factor authentication on all company devices;
- Regularly backing up data;
- Clearing browsing history and cookies;
- Automatically logging company users out of accounts and computers every night; and
- Implementing password best practices.
Employing these practices will go a long way to preventing a cyber incident.
3 | Verify, Verify and Verify Once More
As children, we learned the basic safety tips to help us stay calm and in control during a fire.
Stop, drop and roll.
Does this sound familiar?
Cybersecurity best practices have a similar saying, verify, verify and verify once more. In other words, think before you click.
This advice has never been more important. Companies, employees and clients can all do their part to ensure their information and data remain safe. Clients can participate by verifying wire instructions by phone before initiating a wire and sending the completed subscription documentation securely and not via email. These extra steps are critical to ensure wire proceeds end up in the right bank account and your investors’ personally identifying information is protected.
To that end, companies and employees can do their part, too, by implementing reputable share file systems. The push and pull file-sharing methodology that involves sending a link and entering a password before opening a file has effectively minimized data breaches. According to Ponemon Institute, 35% of data breaches are caused by the “human factor.” File sharing software significantly minimizes data breaches caused by the human factor element.
We’re In This Together
A security awareness program can shape employee behavior to reduce the likelihood and impact of security incidents, but it is not always enough. Firms should also have an incident response plan at the ready. The hours following a data breach are critical, and an organized and controlled response is most effective at ensuring clients that you are in control. In part two of this article series, we will outline how to create an effective incident response process. Remember, we’re all in this together.