Cyber Monday and Black Friday are right around the corner, and sales are expected to reach more than $682 billion, a 4 percent increase from last year.
The unfortunate reality is that scammers, too, are hoping to cash in on all the action. For the past three years, malware infections jumped by 99 percent from Black Friday to Christmas.
This potential fraud affects businesses small and large alike—yet smaller organizations often lag behind larger companies in the sophistication and scope of their defensive measures. As a result, cyber attacks on small and midsize businesses are on the rise, primarily due to their lack of security protection. With the holiday shopping season ramping up and online scams on the rise, small businesses need to be better prepared.
Here are a few ways small businesses can prepare for holiday shopping season:
Ho ho holiday security training: Most people do some portion of their holiday shopping online, including your employees. And at this point we’ve accepted that some of that shopping will happen in the workplace. Now is the perfect time to remind employees of safe browsing techniques. Set up security training and testing refresher courses. Go over the basics of secure passwords, access controls and proper data-handling protocols. Shopping on the internet is inherently dangerous, especially around the holiday season, so proper training is even more important as employees’ online activities and scams ramp up.
Encrypt. Encrypt. Encrypt. If one of your employees unknowingly visits a compromised website, there’s a chance they may bring malware or other threats into your business’s network. To ensure sensitive data remains safe, database encryption is a must. Even if hackers get into your system, they can’t view encrypted data unless they have specific encryption keys. Data breaches are costly and they also can have devastating effects on a small business’s reputation. Encryption can not only prevent problems during the holiday season, but also down the road and only takes a small amount of effort and resources up front.
Consider data breach or cyber liability insurance. Most businesses of any size have some data risk. For example, if you're a retailer and process credit card transactions, then that credit card information is sensitive data that can present cyber-liability risk. Even if you don't, you likely have intellectual property and personal information about your employees and perhaps your customers and/or vendors that may present risks. So which one is right for your small business? Here’s a quick overview of what each includes:
- Data breach insurance. This often includes coverage for consulting during a data breach, as well as support for breach notification, call center handling, credit and fraud monitoring, and fraud remediation. Coverage for legal defense and liability is less common, but still possible.
- Cyber liability insurance. Cyber liability insurance may include the restoration of data for critical systems, business interruption coverage, and liability coverage if a network or website caused or was used in a breach or attack on another company, as well as the loss of use and/or IP infringement.
Don’t let a holiday hack ruin your company’s December.