Barely a week goes by that a major data breach involving a well-known company isn’t in the headlines. From insurance companies to retailers to fast food restaurants to the Internal Revenue Service, no industry or company is safe from the security threat to consumer data. And don’t be fooled into thinking that only large companies are impacted– businesses large and small are at risk and experts predict that 2016 will feature even more data breaches than ever.
In the financial industry, ensuring the security of customer assets, information, and transactions is a top priority. However, according to the FBI, the U.S. financial sector is one of the most targeted in the world. Thieves can essentially break into thousands of accounts simultaneously without setting foot in a bank. Add to this that cyber security threats are rapidly evolving and growing more sophisticated. Technology is always advancing and providing new potential targets (i.e. – mobile apps) and it isn’t a matter of if your business will be hacked, it’s a matter of when.
Thieves can essentially break into thousands of accounts simultaneously without setting foot in a bank.
So what can you do to protect and prepare yourself for a potential cyber attack?
- Assess Your Cyber Risk –Take the time to understand your company’s vulnerabilities by utilizing tools such as Travelers’ free Cyber Risk Pressure Test, which asks a short series of questions and gives you an idea of where you stand. Not only are you at risk of your system being infiltrated, but there are also inside and operational risks that have to be considered.
- Invest in Prevention – Based on your level of risk, ensure you have technical controls and a clear cyber security governance and risk management plan in place that not only accounts for your business but also takes into account third party vendors.
- Prepare a Response Plan – You should have a thorough response plan and clear chain of command in place in the event you do experience a breach, so you can get right to addressing and dealing with the issue versus scrambling to form a plan. Invest a considerable amount of time and resources to this plan and work with outside consultants if needed. Also make sure to revisit and refresh the plan on an ongoing basis.
- Communications is Key – Do you know what you would tell your employees, customers, and the media if you were the victim of a data breach? What about social media? Would you be proactive or reactive to inquiries and what level of detail would you provide? Communications responses to breaches can greatly impact consumer trust in a company. Have a top-notch communications leader (or retain an outside firm) that has a plan in place and is ready to handle your integrated communications response.
- Hire and Train Smart – Having strong leadership equipped to prepare for and respond to a breach if needed is key. Make sure you are employing the best and brightest talent and invest in ongoing training so they are always up to speed on the latest technology and threats.
The key is being prepared and hyper focused on your company and data.
