Cybersecurity was the topic at the most recent Kenai Chamber of Commerce luncheon presented by The Better Business Bureau.
Today’s cybercriminals pose more significant threats to the economy than ever before. New safeguards are needed in order to protect businesses both small and large.
Roseann Freitas with the Better Business Bureau explains three basic things to protect your business;
“Well one would be education, and so it doesn’t matter how what age you are it’s learning about what is happening out there. So, finding a resource that can keep you updated you can check us out at bbb.org. But, there are other wonderful resources that tell you and keep you up to date. The other one is that password you mentioned let’s look at a pass phrase instead, don’t use your kids names, don’t use your birthday, don’t use your pet names. Think of a pass phrase whether it’s a lyric from a song or whatever but, make it so it’s not easy the longer the password the harder it is for people to get in. But also keep everything updated and that is every time you get a update coming through on any of your devices from your phone to your computer go ahead and do that installation right then because that usually means they have found a weakness and you need to get that patch put on immediately. And probably the third one is understand as a business owner and even as a consumer you’re a target. We all think it won’t happen to us, but it can. Because they’re going after everybody and they don’t care. They don’t, they don’t discriminate they just throw out a blanket and they’re hoping to get people back so education and don’t share information with people who randomly call you and just because they say they are maybe the IRS or the police don’t believe that either always verify and be a little skeptical when dealing with people.”
Businesses are better able to manage cyber-attacks and learn from industry best practices by:
- Exploring the real and perceived risks of cyber-attacks
- Offering education and awareness – cybersecurity is a complex topic for the business community
- Building public trust in businesses’ cybersecurity standards
Freitas discusses the cybersecurity of the BBB;
“Any business is vulnerable. It doesn’t matter who you are these criminals are sophisticated. So, from our end we are constantly evaluating it, but we too have to make sure we have some manual processes in place that we can’t trust everything to just AI type technology that we’re verifying what’s going out to our customer. So, if you see somebody who says they’re from the Better Business Bureau or they have it on their logo just verify it. On their that they’re logo on the website verify it. You can go to our website, you can check them out to see if they’re accredited. You can also call us, we actually have people who answer the phone, and you can say hey is this person really legitimate. It’s OK to ask and it’s we’re gonna have to do that and not just trust what we see. But, the other thing is if you do go to their website and you’re able to click some of them will have what they call we call dynamic seal you can click on it it will take you right to the BBB website, that’s then a legitimate business but otherwise verified on our as well.”
According to the BBB, Cybersecurity for your business is not only about adding layers of security technology. It starts with understanding and managing your cybersecurity risks.
The 5-Step Approach to Better Business Cybersecurity, based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, represents an approach that applies to the specifics of your business, helping you understand how best to identify and protect your business’s vital data and technology assets, and how to detect, respond to and recover from a cybersecurity incident.
Step 1: Identify
Take inventory of key technologies you use and know what information you need to rebuild your infrastructure from scratch. Inventory the key data you use and store and keep track of likely threats.
Step 2: Protect
Assess what protective measures you need to have in place to be as prepared as possible for a cyber incident. Put protective policies in place for technologies, data and users, and ensure that your contracts with cloud and other technology service providers include the same protections.
Step 3: Detect
Put measures in place to alert you of current or imminent threats to system integrity, or loss or compromise of data. Train your users to identify and speedily report incidents.
Step 4: Respond
Make and practice an Incidence Response Plan to contain an attack or incident and maintain business operations in the short term.
Step 5: Recover
Know what to do to return to normal business operations after an incident. Protect sensitive data and your business reputation over the long term.
For more details on Cybersecurity from the Better Business Bureau, click here.
