WHAT CAN I DO TO PROTECT MY COMPANY FROM CYBER ATTACKS?
Protecting your company against cyberattacks is one area of your risk management strategy that cannot be overlooked. According to StealthLabs, “A cybersecurity threat is a malicious and deliberate attack by an individual or organization to gain unauthorized access to another individual’s or organization’s network to damage, disrupt, or steal IT assets, computer networks, intellectual property, or any other form of sensitive data.” Examples of cybersecurity threats facing motor carriers include phishing, malware, and ransomware through email, cell phones, Wi-Fi, USB, and Bluetooth connections. Even electronic logging devices are vulnerable due to their connectivity to law enforcement, vendors, etc. To help protect your company from cyberattacks, here is a brief list of actions to consider.
EMPLOYEE TRAINING AND ACCOUNTABILITY
Employees are targeted heavily by cybercriminals, and it only takes one bad click or slip of the tongue to open the door to thieves. Conduct cybersecurity awareness training with employees to help educate them on the importance of this risk and the recognition of and response to potential threats. Also, do not allow employees to use company computers for personal business or surfing the web.
DATA BACKUPS
Establish a schedule to back up data from computers and servers to a portable or cloud-based storage. To increase protection, use strong encryption methods and multi-factor authentication.
WEBSITE SECURITY
Encrypt and secure your company website with a secure sockets layer (SSL) certificate. Your website’s URL should have ‘https’ in front of it to show users it is secure. Failing to do this can deter applicants who may be reluctant to share personal information on an insecure website.
PASSWORD PROTECTION
Three common mistakes computer users make regarding passwords are making them too short, not changing them regularly, and using the same password for every online account. Using a passphrase that is unique and contains unrelated words is a good start. Also, the passphrase should consist of at least 14 characters and include a combination of upper- and lower-case letters, numbers, and special characters.
For additional information on how to protect your business against cyberattacks, go to the Federal Communications Commission website (https://www.fcc.gov/general/ cybersecurity-small-business) and download the “Cybersecurity Tip Sheet.”
CALL TO ACTION
-
Train all employees on cyber-security threats.
-
Hire a cybersecurity firm to assess your company's vulnerability to cyberattack.
-
Develop a company information security policy.
-
Implement data security, backup, and recovery protocols.
Note: These lists are not intended to be all-inclusive.
This material is intended to be a broad overview of the subject matter and is provided for informational purposes only. Joe Morten & Son, Inc. does not provide legal advice to its insureds or other parties, nor does it advise insureds or other parties on employment-related issues, therefore the subject matter is not intended to serve as legal or employment advice for any issue(s) that may arise in the operations of its insureds or other parties. Legal advice should always be sought from legal counsel. Joe Morten & Son, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss, action, or inaction alleged to be caused directly or indirectly as a result of the information contained herein. Reprinted with permission from Great West Casualty Company.