Many people don’t consider their cybersecurity startegy as part of their business continuity strategy but it is! Or that cybercriminals are only interested in large corporations. WRONG. This misconception comes from media and news outlets feeding us data breach information of larger corporations such as Marriott, Facebook, and Adobe. The truth is if your business has a computer with access to important information, and can be used to access the internet, then your business is at risk. No matter the size of your business, industry, or state — I’m looking at you, Louisiana, your business NEEDS security!
The number of basic cybersecurity mistakes employees and business owners make continues to grow and grow each day, regardless of the industry they are in! Even with endless data breach horror stories, many organizations still have a “be it as it may” attitude about their cybersecurity.
Look, I get it, cybersecurity isn’t exactly a sexy topic, but that does not change the fact that 60% of small businesses who suffer a data breach NEVER recover! Cybercriminals have discovered that small to medium-sized businesses, of any industry, are easiest targets due to a lack of enforcement and understanding of the recommended cybersecurity policies that have been established by the U.S. Department of Commerce.
To help advocate for the irrefutable need for organizations to have cybersecurity policies, I have put together a list of the top 3 cybersecurity mistakes that I am still seeing made on a regular basis.
Every day, business owners and employees are bombarded with tons of different emails. Personally, I receive multiple emails per day, from my clients, vendors, colleagues, news outlets, and even people that I have never met!
I get it, with all those emails constantly coming in, it becomes easy to get in the zone, and start clicking away at all your emails and the emails’ contents.
Phishing emails are malicious emails that are disguised to be from someone you know and trust. Sometimes these emails will contain links or attachments that will be used to sabotage your system, once clicked. Other times, the emails will be used to try to trick you into giving out valuable information, such as passwords and banking information. Cybercriminals are clever at copying signature lines and logos to make these emails appear to be safe — at least at first glance.
I have seen many different real-life examples of these malicious emails. A common one that I have seen recently is an email that appears to come from the CEO or other executive of your company. The email has a sense of urgency to it and will request things like electronic gift cards or checks to be sent to them immediately.
If you receive an email like this STOP and look at the sender’s address. Is it an email address that you know and trust? Are there any spelling errors in the email address? If you are suspicious of the email address, then do not respond to that email—it is probably a phishing attempt. If you are still questioning the validity of the email, pick up your phone and give them a call with a phone number that you already have listed. Be careful not to trust the phone numbers that are listed in the email that you are questioning!