Why Even Small Businesses Need Cyber Liability Protection
Do you think your business is so small that it is …
Directors & Officers have a fiduciary duty to effectively manage an organization’s risk. The consequences for inadequacy can be irreversible. The responsibility put on those in upper management is held to a higher standard as they make decisions on behalf of the company.
Not just one, but multiple. We’re talking backups for your backups! Online, offline, cloud, external hard drives, paper… whatever the medium you need to ensure there is more than one copy of the critical data needed to run your business.
A VPN creates an encrypted tunnel between you and a remote server. It offers a secure way to connect to the internet, encrypting the data sent over the connection which gives you better levels of privacy while online.
What’s an end-point? An end-point is any device that is physically an end point on a network. Laptops, desktops, mobile phones, tablets, servers, and virtual environments can all be considered end-points. Keep an inventory, ensure all end-points have up to date software and antivirus, and wipe all sensitive data from end-points that are no longer in use.
NextGen Anti-virus (NGAV)
Next-Generation Antivirus (NGAV) uses a combination of artificial intelligence, behavioural detection, machine learning algorithms, and exploit mitigation, so known and unknown threats can be anticipated and immediately prevented. NGAV is cloud-based, which allows it to be deployed in hours instead of months, and the burden of maintaining software, managing infrastructure, and updating signature databases is eliminated.
Why is patching so important? Security! The most critical and obvious benefit of patch management is heightened network security. Patches are often created after a company has experienced a data breach to ensure other businesses’ data remains safe, and applying a patch as quickly as possible lessens the risk of your business becoming affected. Patches typically come with performance improvements which results in increased productivity.
For cyber security to truly be effective you need participation from everyone. Every employee, every day. The most cost effective way to avoid unnecessary cyber incidents is to constantly educate and train your staff. Once a year. “Code of conduct” style training is not enough in today’s world. The threat landscape is constantly evolving therefore you should be constantly educating. Your people can be your best defence, but without the proper tools and training, we can assure you they are the weakest link.
Insurance is an integral part of any risk management strategy. Cyber risks are complex and difficult to comprehend, but what we do understand is these risks exceed almost all organizations’ risk tolerance thresholds.
MFA, sometimes referred to as two-factor authentication or 2FA, is a security enhancement that allows you to present two pieces of evidence – your credentials – when logging in to an account. Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). MFA helps protect you by adding an additional layer of security, making it harder for bad actors to log in as if they were you.
Incident Response Planning
An incident response plan (IRP) is a set of instructions to help IT staff detect, respond to, and recover from network security incidents. These types of plans address issues like cybercrime, data loss, and service outages that threaten daily work.
By having a well-documented and practiced IRP, your organization will be better equipped to handle and recover from cyber incidents.