When thinking about cyber-attacks, do you believe your business is too new or small to be a target? The fact that 88% of Canadian businesses reported experiencing at least one cyber-attack in 2019 shows that all businesses are at risk, including yours. Read on to learn about all the ways you can defend your business from online threats and leverage the GCA Cybersecurity Toolkit for Small Business, sponsored by Mastercard.
Get yourself organized
The first step to making your business secure against cyber-attack is taking an inventory of the physical items you need to protect. Any technology connected to the outside world can be vulnerable to threats. You can start by making a list of your computers, phones, terminals, and other items.
By having a complete list, you’ll be able to track broken or missing equipment and see the last time these items had software and security upgrades. You can start with a simple spreadsheet with serial numbers of your items. Take your organization to the next level with asset tags like barcodes or foil tags for easy identification of your inventory.
By getting your assets organized now, you’ll have a scalable way to keep an eye on your vulnerable items in the future. The upfront work will more than pay off down the road when you prepare your business for cyber threats.
Start updating your defenses
Your physical equipment isn’t the only thing you need to protect. If you have a website for your business, it can be just as vulnerable. An attacker could try to inject their commands into your website, which can result in a loss of data or allow them to hijack your customer’s browser. There is software available to help you identify website weaknesses like this, and others you might not know about yet. Check out the GCA Cybersecurity Toolkit to learn more about your options.
If you’ve enabled ecommerce on your website, that risk may be much higher. Your customer’s name, credit card details and more could be exposed. Encrypting any data you gather through your website is essential for keeping all of this information safe.
Bring your passwords to the next level
Passwords are your first line of defense when it comes to protecting your information and your customers. Cracking one simple password opens up an entire network of opportunity for a hacker. Gaining access to one email account can open the door to banking information, email lists, social media accounts, and so much more. The solution? Complex passwords that vary across all of your different accounts and platforms. Ensure the password you choose is a minimum of eight characters long, uses a combination of upper and lower case letters, and include at least one unique character.
The Government of Canada’s Canadian Centre for Cyber Security (“CCCS”) has also identified two-factor authentication as a baseline security measure for businesses big and small. What is two-factor authentication, you may ask? It’s a security process that requires you to provide two different credentials to access an account or platform. You may decide to request a password and SMS confirmation number, or a password combined with an authenticator app. There are plenty of options, and that will provide you with that additional layer of security.
Protect your reputation and your bottom line
A cyber-attack can mean trouble for your business reputation too. Start monitoring your brand online to prevent scammers from misusing your business name. Using an email standard, known as DMARC, is a great way to verify that an email sender has permission to send messages under your domain. Find the right tools to set up DMARC for your business emails through the GCA Cybersecurity Toolkit.
Use trademark monitoring to alert you if your name is being misused. “Look-alike” domains can trick people into thinking they’re visiting your site by using a slight misspelling or a different ending. Keep an eye out for these instances so you can take action to protect your reputation.
Reputation isn’t the only thing at risk when it comes to cyber-attacks. There are also financial consequences, whether that’s client notification costs, credit monitoring fees, lost business income, and more. If found negligent in a data breach specifically, a business could be liable for up to $100,000 in fines under the PIPEDA Digital Privacy Act.
Protecting Small Business Cybersecurity
Cyber-attacks are becoming more commonplace for businesses big and small, and scammers are only getting more creative. The best way to protect yourself is to stay organized, alert, and updated on all of the latest trends in cybersecurity. To help protect the business you and your customers are so passionate about, RiskRecon, a Mastercard company, is providing Canadian small businesses (0-100 employees) with free cybersecurity rating assessments through RiskRecon’s 'My Cyber Risk' until December 31, 2020.
Using safe, non-invasive techniques, RiskRecon helps hundreds of organizations better understand and act on their enterprise cybersecurity health by continuously discovering their digital footprint and assessing their cybersecurity across 40 security criteria spanning thousands of security checks.
If you are a Canadian small business organization with 0-100 employees, just fill out the form and RiskRecon will send you details for how to access your free cyber assessment.
The information in this article is provided solely for informational purposes and is not intended to be legal, business or other professional advice or an endorsement of any of the websites or services listed.