Remaining Vigilant in an Increasingly Digital World
After years filled with one data breach after another, privacy and information security can no longer be taken for granted. No company, no matter its shape or size, can sit idly by and hope for the best. They are being trusted with the personal and financial information of their customers and business partners. As the area of cyber security continues to expand, businesses need to shift focus from awareness of the prevalent security threats to active prevention and preparation.
The weakest link? Human Vulnerability
The single largest source of business data breaches continues to be the people working within the organizations. Even the strongest technical security safeguards cannot eliminate threats posed by careless employees or business partners. Failure to actively monitor their individual email accounts or regulate how they maneuver through the internet on their company’s internal network, creates areas of weakness — and cyber criminals are ready to take advantage. Combating this exposure requires organizations to take a proactive role in raising awareness and conducting training to help employees be smarter and safer.
The following tips will help raise awareness among employees, encouraging their careful stewardship of company data and active involvement in the overall security of a business:
• Roll out a communication plan to help employees understand where and how their organization handles sensitive information
• Ensure employees understand the importance of the information they handle
• Test employees through simulated exercises which imitate attempts and attacks that are commonplace in today’s digital environment
Be Ready to Hit the Breach
Unfortunately, even the most stringent cyber security prevention cannot eliminate the possibility of a data breach. Therefore, it is critical for businesses to identify who their key partners will be in the wake of an incident. Appropriately responding to a data breach is a complicated and labor intensive process, involving many active parties. Organizations are encouraged to identify who their “data breach team” will be before an incident takes place.
Response time in a data breach incident is crucial. Proactively enlist partners who can help in the following areas:
• Forensic exams
• Notification assistance
• Legal assistance
• Public relations assistance
• Credit monitoring
Identifying these partners prior to a breach not only increases response time, but also ensures that relationships are established and their capacity for rapid-fire service is verified.
M3 Insurance is committed to being on the forefront of this growing exposure as it continues to evolve and impact organizations of all sizes, from all industries. Our approach to data security does not stop at merely assisting with insurance coverage solutions, but also includes active approaches in preventive risk management and proactive breach response resources.
This information was featured in a BizInsights article, published on July 20, 2016.