Mid-Year Cybersecurity Checklist
We are half way through the year and daily hear about new cyber-attacks. What is keeping CEOs awake at night? According to the second annual Travelers Business Risk Index, cyber risk is now the second biggest concern for businesses. Specifically, businesses are concerned about malicious and criminal attacks (55%), human error (24%) and system glitches (21%).
Cyber Security Checklist
Mid-year is a good time to review your cyber security measures. Check your status on these activities to support the cyber measures you do every day:
• Wi-Fi firmware: Have your IT person check that your firmware is up-to-date. There is a new rash of attacks on Wi-Fi systems for small businesses and home offices. If your staff works remote, be sure to have those routers checked also.
• Software patches: Make sure all the patches released in recent months have been installed. Check that no one has disabled your automatic patch update programs.
• Awareness training: Is it time for another awareness lunch and learn, or repeat class for employees that didn’t attend one offered earlier this year? Keep the training fresh and engaging so your people know they can help protect your business.
• User access levels: Have you added new staff recently? What about promotions or department changes? Check to ensure each employee has the right level of access to do his/her job, but no one else’s.
• Former employees’ access: If employees have left your business, double check to confirm that all of their accesses has been terminated. Sometimes there is a lag time during transitions, so it is worth confirming these former team members are truly former on your system.
• Backups: Ransomware is again attacking many businesses. Review the frequency of your backups so they meet your retrieval needs if something happens to your data. Test the last full back up to make sure it is usable. Consider doing a full mid-year back up in addition to your standard back up schedule. It is ok to be paranoid about backups.
• Bank account access: All financial institutions are being attacked by cyber criminals. Make sure your banker is just as concerned about cyber security as you are. Ask about what new measures they are taking to protect your money. Find out if they offer a cyber security assessment of your business.
• Cyber insurance: Go to lunch with your agent and talk about your coverage. Make sure it is in line with your business today. Cyber insurance is changing so learn about what is new that may benefit your business.
• Check batteries: Ok, this is not cyber security, but it is a really good idea – check batteries in your emergency flashlights, smoke detectors that are not hard wired, and anything else that uses a battery.
A little extra time mid-year on the #2 business risk concern will be well worth your time. Constant vigilance and reassessment is necessary for small and mid-size businesses.
To start your career in cybersecurity the NCI offers programs and courses.