An unsecured database holding the personal information of 49 million Instagram customers was recently discovered. The data breach has affected numerous celebrities, influencers, and brands because the database in question is owned by a social media marketing firm that specializes in sponsored content for the platform. For Facebook—the parent company of Instagram—the episode is just the latest in a series of data security lapses.
Breaches such as Instagram’s appear in the news on a regular basis, but, though the results are usually similar, the causes often vary. Businesses must learn from recent data breaches to protect themselves against similar attacks in the future.
Companies aren’t preparing their employees for threats caused by poor cybersecurity. According to a survey, 33% of employees received no training in cybersecurity practices, while 16% of respondents received little training.
The lack of cybersecurity training for employees is directly evidenced by the spike in cybersecurity incidents. Of an average 3,269 security incidents reported in 2018, careless employees or contractors were the root cause of 2,081.
Seventy percent of small-business owners see mobile services and applications as critical to their business operations, according to research by The Business Journals.
Mobile applications help business owners and managers oversee their businesses from anywhere. They can answer customer queries, push marketing materials, and track employee performance, even when out of the office.
Globally, the internet handles about 71,131 GB of traffic per second, including 2,790,265 emails and 73,849 Google searches per second. How does this concern you?
Your company’s communications (client, vendor, internal) and your employees searching for business-related information help to make up those numbers. And a breach or leak of your business’s data transmitted over the internet could cost you millions.
Small and midsize businesses lose, on average, about $500,000 per cyberattack. This cost includes lost revenue, customers, market opportunities, and clean-up expenses.
Minimizing your cyber risk exposure is key to securing your small business. But it can be challenging for a couple of reasons:
- The risk landscape changes frequently because of the adoption of new technologies such as the Internet of Things (IoT) and artificial intelligence (AI).
- New defense technologies, such as security analytics, are complex and costly to adopt.
Small businesses that are not aware of the latest cyber risk management trends will be not be able to defend themselves against future attacks. You should invest in the right security technologies such as data protection and security automation to secure your business for the future.
Data is the lifeblood of all businesses. You can’t survive without critical data assets such as customer data, intellectual property, and competitor intelligence.
Many small business owners often select off-the-shelf IT security software installed by one-time vendors. They believe that this secures their systems.
What they forget is that the security threat landscape is constantly changing, with hackers trying new tactics such as using AI to hack smart devices. This means small businesses have to continuously update, manage, and scale their IT security systems.
But with limited security expertise, resources, and budgets, small businesses like yours will be find it tough to strengthen and manage your cyber defenses.
Employing managed security service providers (MSSPs) to monitor IT networks, detect threats, and manage systems ensures up-to-date security infrastructure. Your small business will be better protected from cyber risks than others that manage security in-house with insufficient resources and expertise.
There will be 20 billion IoT devices by 2020, according to Gartner.
IoT devices are physical objects embedded with sensors that can connect to an IT network and communicate with other devices and software applications such as mobile phone apps, desktops, printers, and other office/home appliances.
Imagine your surveillance cameras, air conditioners, coffee machines, and office equipment having sensors and actuators to monitor, communicate, and control their own actions. Pretty cool, right? Maybe … maybe not.
Too many businesses have old desktops stuffed into closets, decommissioned servers sitting in a warehouse, or useless CRT monitors taking up space in a storage locker across town. As technology evolves faster and faster, companies pile up ever-increasing piles of obsolete IT assets.
In recent years, cloud storage and software-as-a-service (SaaS) solutions that store data off site have rendered many onsite storage devices bulky and unnecessary. Desktops have been replaced by laptops and tablets. Even the utilitarian flash drive has been usurped by cloud-based solutions such as Dropbox.
Getting rid of old computers and other IT assets involves risk to intellectual property, regulatory compliance, and the environment. Small businesses must create a process that ensures IT assets are dispositioned in a manner that maximizes data security while minimizing environmental impact.
So how do I get rid of all these old computers?
One option is to hire an IT asset disposition (ITAD) vendor. These companies take end-of-life IT assets, securely delete any stored data, and dispose of them in an environmentally responsible manner. While this might seem like an easy choice, you must choose a reputable company and consider a range of factors including transportation and data destruction practices. We’ll come back to ITAD options later in the piece.
Did you know? An average company uses nearly 1,000 cloud applications.
Often, employees sign up for these apps themselves as a way to do their jobs more efficiently, without the knowledge or authorization of the IT team.
This practice is likely to be more prevalent in smaller firms that do not have dedicated IT teams.