Data security is vital to the health of your business. If your company incurs a data breach, not only will you lose customer trust, you also face fines and the potential bankruptcy of your business as once-loyal customers find other solutions providers that they can trust. Investing in the best security protection for your business should be considered a priority.
While marketing and business development are focused on using data to inform decision making, there is less talk about how important it is to understand how valuable data should be protected. Big businesses, like Facebook and Yahoo, have faced questions about how little they have done to protect users privacy. While large corporations like these are often able to absorb the backlash and influence committees who should be meting out punishments, for most online businesses a breach can mean the end of a company.
Numbers you need to know
Recent figures show that:
- three-quarters of marketers view data breaches as genuine threats to brand value
- Only 48% of them currently possess the tools needed to appropriately deal with a data breach
- Only 27% of marketing departments have said they’re completely confident in their ability to identify the precise data involved in a breach
These numbers indicate that there is a genuine problem in the B2B industry. Undergoing a data breach can cost businesses precious time, money and reputation; some organisations never recover from a large scale data breach.
Cybercriminals aiming to illegally capture data or break into business systems are more active than ever before.
Every minute there are:
- reportedly more than 1,200 ransomware attacks
- 818 new malware strains are distributed
- 108,300 phishing emails are sent
It’s predicted a lack of data security sees 58 data records stolen every second, and by 2021, the value of global cybercrime damage is expected to reach US$6 trillion.
Data security is one of the most important undertakings for businesses everywhere. However, most businesses are under-prepared and misinformed. While data breaches are a serious issue, much fear-mongering is having a negative impact on businesses willingness to act. They either overcompensate and spend more than they need, or they ignore the real warnings and remain vulnerable. So how do you find a balance?
Data breach reality
To combat cyberattacks, being informed is one of the best defences you can develop. Knowing the language of cybercriminals and online criminal activity is a good place to start.
- Data Breach: When important data (especially personal or sensitive data) is mistreated, lost, stolen or ransomed. The ICO describes it as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes.”
- Hacking: When an unauthorized person(s) uses system vulnerabilities to gain unwarranted access to a secure network or system.
- Ransomware: When someone manages to take control of a business network or data and demands a ransom in exchange for the information. Oftentimes, businesses receive only a fraction of what data was lost when agreeing to meet the ransom.
- Malware: Short for Malicious Software, causing unauthorized access and damage to a system or data.
- Virus: A type of Malware, entering a computer system without knowledge, exploiting information, damaging data or wiping the system entirely.
- Phishing email: An email or message, aiming to extract the reader’s credentials by posing as a common login system or similar. Some are easy to detect, others are very convincing, and difficult to decipher from the genuine article.
- Server attacks: A deliberate attack on a business server. As many businesses used shared servers, cybercriminals are offered more opportunities to hack into systems. This can be dangerous, as business servers don’t only hold a vast amount of prospect/client data, but can also hold very sensitive employee information, such as payroll credentials.
There are other ways to encounter a data breach, including internal issues such as system failures, but a vast majority of attacks come from a lack of security to combat the above risks.
Increasing data security
There are many data security options available, with differing effectiveness and costs, with many tailored to suit the specific needs of your business. However, some of the most essential data security actions for B2B marketers are very simple, and just take a little extra attention every day.
The 4 Rs of cybersecurity
- Reality – You need to be prepared for cyberattack and make ensure that your team understands the reality of the risk. It is not a question of ‘if’, but ‘when’.
- Response – Consider how you would identify and respond to a breach. Create a response plan that is in line with data regulations and considers:
- What is your immediate action?
- How quickly can you initiate an appropriate response to the breach and notify the necessary staff, customers, prospects, legal bodies and stakeholders?
- Resilience – Your business can recover from a data breach if you have the proper protections in place.
- How will you learn from a data breach?
- What process will you undergo to ensure security flaws are not repeated to avoid future data attacks?
- Rehearsal – As with anything, practice makes perfect. Plan to rehearse a data breach scenario.
- How often will you conduct a rehearsal to understand how your team handle data breach scenarios?
If you follow these steps, you are preparing your business and team to better understand how to deal with a data breach and contain the situation with, hopefully, as little damage to your business and reputation as possible. Knowing the legal requirements is a big part of your preparedness strategy.
Website hacking is a common form of cyberattack that doesn’t always involve data. However, hacking is a way for skilled cybercriminals to access much more than just the back-end of your website. It’s predicted that hackers cost small-medium-sized businesses an average of US$200,000 per year, and 60% of these businesses never fully recover the financial costs. Running regular checks to ensure all chosen security systems are working effectively can help prevent a website hack. It is the responsibility of your IT team to ensure that your website is kept secure, and they should present you with an ongoing maintenance checklist so you are confident that checks are being conducted regularly.
Vigilance over communications
A huge amount of malware and ransomware attacks can be prevented by simply being vigilant, especially when looking at email communications. Ensure your whole team knows what to look for when receiving an email from an unknown source. Even really convincing phishing emails have a tell, so staff should be trained to identify potential threats. It takes one person opening a threat on your internal network to expose your business.
You do need antivirus software, but before you commit, look into your marketing systems and data processes to understand what viruses are business is most vulnerable to. Many sorts of virus won’t apply to your network, and won’t pose a danger to your day-to-day activities, so do your research and invest in software that suits your virus protection needs.
An active firewall is designed to manage the traffic going in and out of your network. It is also important to ensure your network isn’t vulnerable when accessed remotely. Firewalls allow businesses to ensure only certain connections are permitted on their business network, leaving your devices less vulnerable to alien software and external accessibility. If you share a server, ensure that the business(es) you share with have the appropriate measures in place too. If one of them falls victim to a data breach, there’s a chance you will too.
The older your software, the more vulnerable is it to cyberattacks and data breach. You need to agree to regular software updates as prompted by your system. The 10 minutes it takes for your system to update and reset once a week while you make a cup of tea is worth it. Consider that a data breach could cost you days or weeks of clean up, not to mention client loses, and it could have been avoided with a simple weekly update.
You can keep your whole business network safer from data breaches and cyberattacks by continually updating passwords. Changing business passwords every 6 weeks can halt hackers in their tracks. If you’re a business that holds especially valuable data (such as financial records), hackers are more likely to show an interest in your business. Changing passwords regularly for every protected software across the whole system (especially for password-protected data spreadsheets) continues to reset security, and ensures any gaps are once again covered.