In your last article, you talked about Cyber Insurance and the need for it. How else do I protect my data?
Purchasing Cyber Insurance is one way to help manage your costs after a cyber attack or data breach. The options for this coverage are continually improving. Since my last writing, several more companies have introduced products. Some even pay for the negotiation and payment of ransoms in order to get your data back.
Prevention of an attack is the other main strategy. This is done through strengthening internal technology to protect against hackers. Improved firewalls, stronger passwords, up to date anti-virus software, more rigorous procedures for remote login, employee education and when all of that fails, an up-to-date and uncorrupted system backup.
Statistics Canada provides data from 2017. At that time, 21% of businesses were impacted by cyber security incidents. More than half of those reported that cyber security incidents prevented employees from carrying out day-to-day work and one third experienced additional repair or recovery costs. We know for certain that these numbers have increased drastically since then. It is reported that 58% of cyber loss victims are small to medium sized businesses. And the COVID pandemic provides Cyber criminals with even more opportunity.
Your current and active data base is not your only risk. Large databases of saved information have become dangerous liabilities for both businesses and consumers. However, there is a simple solution to avoid data becoming toxic if a leak or breach occurs.
Companies need to evaluate the data they store and for how long and purge any unnecessary data. Weigh the pros and cons of continuing to store data deemed high risk. By doing so, is there the potential to jeopardize the organizations reputation, financial stability and /or relationships with customers? The value of holding the data will most likely not outweigh the risk of losing it.
With notes from Canadian Underwriter