AllBusiness.com
How Small Businesses Can Defeat Cyber Terrorism

How Small Businesses Can Defeat Cyber Terrorism

Business PlanningSecurityLegacy

Cyber terrorism is not just a problem for banks, communications firms, technology providers, energy companies, the government and government contractors. It’s something that affects every company of every size. It's the worst kind of Business Identity Theft™. It causes destruction and disruption and it has to be stopped.

Cyber Criminals Seek Smaller Targets Because They Can

Small and medium-sized businesses are the new favorite targets of cyber criminals. This is according to Verizon’s 2011 Data Breach Investigations Report. The most likely reasons are: “hackers favor highly automated, repeatable attacks against these more vulnerable targets" or possibly "criminals are opting to play it safe in light of recent arrests and prosecutions of high-profile hackers.”

Personally, I think it’s a lesson learned at the “Willie Sutton School of Crime.” As any successful bank robber knows, you go where the money is, or, in this case, where the targets are. There are millions more small businesses than large. According to the US Small Business Administration, nationally there are 5,717,302  small firms <500 employees with most having less than 20 employees as compared with 17,236  large firms with 500+ employees.

For smaller businesses, the greatest danger comes from ourselves and from those we trust and rely on: our providers and strategic partners and allies. None of us can fight this alone. We all have to do our part.

Why Your Business Is NOT Immune to Cyber Attacks

Cyber criminals look for vulnerabilities they can exploit. Basically, you are at risk if you in business. If you:

  • Use checks or take checks. Cyber attackers duplicate checks with your routing number and cash them. If they’re your checks, your money vanishes. If you take these fraudulent checks and cash them, you can lose your money, too.
  • Use credit cards or take credit cards. Same issues as checks.
  • Use software, even software in the cloud. You can end up opening a “back door” to your data and systems that a cyber criminal can use to infect you.
  • Use passwords — especially if you use the same ones for everything, don’t change them often enough, make them strong, or protect others from getting access to them.
  • Send and receive emails — these  can infect you and others as well as cause problems with other systems.
  • Have firewalls — some aren’t strong enough, aren't installed properly, or aren’t kept current.
  • Put fuel in a vehicle, use an ATM, or have or use any kind of point of sale including “self checkout” device.

What are the Greatest Cyber Security Threats?

According to the Verizon study,

  • Physical attacks that involve card-skimming by manipulating automated credit card devices (such as gas pumps and ATMs) are on the rise, doubling each year since 2009.
  • Hacking and malware are the most common form of attack. Malware, malicious software programs designed to infiltrate and damage computers without the user’s consent, is particularly bad. It resulted in 80% of lost data in 2010.
  • Stolen passwords and credentials are out of control and cause the most problems when it comes to cyber security. Those hardest hit are financial services, hospitality, and retailers.

3 Effective and Inexpensive Actions to Take to Begin to Defeat Cyber Terrorism

Cyber criminals steal a business’ good name and reputation. Just the threat of cyber terrorism makes employees, customers and owners afraid, vulnerable, and less productive. Defeating these business criminals takes three C’s: community, control, and commitment.

These are some simple actions any business can take:

  1. Start a community. Set up an informal group to talk about the issue. Awareness has to come before action. Keep meeting. Share what you learn and your experiences. Don’t be ashamed. Top cyber experts say there are only two kinds of businesses: those that have been hacked, and those that don’t know they’ve been hacked. If you’re a consumer, know there’s a third group: those who know they’ve been hacked and won’t admit it.
  2. Look at your business controls. Have a discussion with all employees about cyber terrorism and get them engaged in prevention and detection. Set up a training program, reward employees for their ideas and efforts. Ask your providers what controls they have to address this threat. You don’t necessarily need proof but you do need to evaluate if they’re doing enough. If not, suggest what would make you less vulnerable. Providers who are disengaged may not be your best choice for products and services for your business.
  3. Be committed to putting these in place, maintaining them, and changing them. The new approach, according to Eric Savitz at Forbes, is to keep agile and get away from old remedies that are static, set-and-forget. You may have only minutes between entry and compromise. Read and put in place ideas from organizations like the Department of Homeland Security. Bookmark Computer Security Institute which tracks and reports on cyber breaches including conducting the yearly Computer Crime and Security Survey, the longest-running project of its kind in the security industry that reports on information about targeted attacks, incident response and the impacts of both malicious and non-malicious insiders. Use these ideas where appropriate but evaluate and track your efforts. Hold yourself and your employees and your providers accountable for staying ahead when it it comes to cyber security.

The opposite of cyber terrorism is cyber security. Make it one of your top business priorities at all times.

“The power of one, if fearless and focused, is formidable, but the power of many working together is better.” -Gloria Macapagal Arroyo

Unleash the power! Here’s to our success!

Profile: Jan Triplett, Ph.D. CBTAC

Jan Triplett, Ph.D., CBTAC, is an entrepreneur, speaker, author, and advocate for small business. Triplett is CEO of the Business Success Center (BSC), award-winning sustainability experts focusing on improving the client’s triple bottom line: profit, people, and the planet. She was a delegate to the White House Conference on Small Business, the Congressional Summit on Small Business, and selected as Texas’ Small Business Advocate by the SBA. She has led successful trade missions and served on company and non-profit boards. Her books include The Networker's Guide to Success, Thinking Big, Staying Small, and Easy to Be Green: Ideas for Small Companies. In addition to writing on growth readiness, business improvement, small business advocacy, and networking at ownersview.com, she teaches regulation, governance, finance, and accounting in the Master of Business Administration Program at Mary Baldwin University. You can find her Thursdays at noon Central Time when she hosts BSC's weekly Nationwide Rebuilding Business Online Forum, with experts and mentors from around the country.