Build Up Your Defenses: Prepare for & Prevent a Cyber Attack October 15, 2015 RICCentre According to a report by security technology company Symantec Connect, nearly one million new malware threats were released every day in 2014. And McAfee’s report on Net Losses: Estimating the Global Cost of Cybercrime estimates related damages to be between $375 billion on the low-end and $575 billion on the high-end. Whether you’re a business or an individual looking to protect your assets and prevent theft, a cyber attack plan is essential. But it takes more than just monitoring your bank accounts and using a protected server to fend off cyber criminals. As cyber attacks get more sophisticated, so should your cyber attack prevention plan. Here’s how you can get started. Use an Identity Risk Calculator Are you or your employees being proactive about identity theft protection and data breaches? LifeLock’s Identity Risk Calculator can answer a few short questions including how often you post personal details on social media and if you bank online. After answering each question, LifeLock either congratulates you on a good answer or advises you to reconsider your choice and why. The calculator helps open your eyes to how everyday habits can make you vulnerable to identity theft and what to do about it. Prevent & Educate Keep cyber attacks and malware from infiltrating your business through a back door like employee email. As a startup, you may not have an go-to IT guy, so be sure everyone on staff is employing cybersecurity prevention. Insist on data-encrypted password changes every few months and keep up to date on phishing and malware scams. Be sure everyone’s computer has anti-virus and anti-malware programs installed. All employees should also know what types of warning flags to look for in emails (like asking for credit card information or correspondence with multiple spelling mistakes). Prevention is the easiest way to mitigate cyber attack damages. As your company grows, determine if you need to enforce a policy preventing personal email checks at work to further combat potential malware intrusions. Set up an Incident Response Plan According to global management consulting firm McKinsey & Company, it’s inevitable that most organizations will face a data breach. The potential damage can severely affect infrastructure systems and compromise key data like personally identifiable information. Such a breach could be devastating to a company or person, especially if Social Security numbers are lost. To combat the threat and stay ahead of the game McKinsey & Company recommends organizing an incident-response plan (IR plan) to limit the damage and manage a cyber threat and reduce the recovery time. Individuals can set up their own incident response plan by keeping important phone numbers of credit card companies, banks and investment brokers on hand. Once you realize your information has been hacked, alert your financial institutions to shut down access. It’s also wise to change all passwords and contact retailers or social media platforms you’ve been locked out of. Form Relationships with Law Enforcement It’s easy to throw money at cyber security technology, services and seminars and hope for the best. But there’s another crucial step in cybercrime prevention. Establishing relationships with your law enforcement and how they handle cyber attacks can save you time and money. The Wall Street Journal suggests attending police-sponsored cybercrime events and industry events that help connect you with law enforcement. Devour information and suggested response exercises recommended by area law enforcement and keep in touch on the status of your company’s cyber security plan for additional recommendations.