With growing security attacks on technology globally, it is becoming increasingly difficult and complex for small and medium businesses (SMBs) to assemble the right in-house resources to protect themselves against the cyber threats they face, whether it’s a data breach through the network, data leakage by employees, or lost laptops/mobile devices. We have also seen an uptick in the number of court cases, where SMBs have had six figure amounts stolen out of their bank account by cyber thieves. The liability for these breaches is being shifted to the CIOs and IT managers. The need for comprehensive information security is more pressing now than ever before.
According to the Norton Cybercrime Report 2011, the cost of global cybercrime is $114 billion annually. Based on the value victims surveyed placed on time lost due to their cybercrime experiences, an additional $274 billion was lost. In India it is estimated that more than 29.9 million people fell victim to cybercrime last year, suffering $4 billion in direct financial losses and an additional $3.6 billion in time spent resolving the crime. With 431 million adult victims globally in the past year and at an annual price of $388 billion globally based on financial losses and time lost, cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288 billion).
For a growing business, a single financial attack could put a smaller company out of business or irrevocably cut into annual profits for a medium sized business. The implications of a financial breach can be a matter of life or death for SMBs.
Ensuring that organisations not only have the right network security solutions in place but have implemented comprehensive endpoint security is important to defending against the current and emerging cyber threats. This is especially relevant as we have seen hackers move from attacking the network to attacking the PC. Organisations should reevaluate their current security precautions on a regular basis and make sure these measures are communicated companywide. Here are some simple steps to help protect financial data and minimise risk:
Isolate machine for important tasks. Use a dedicated computer for financial matters such as online banking and bill pay. That computer should not be used for extraneous activities such as sending and receiving emails or surfing the Web. Web exploits and malicious email are two key infection vectors for malware.
Don’t trust easily. Avoid clicking on links or attachments