Get your small business cyber-smart in 5 steps

Published on May 18, 2022 | Webster Bank

Safeguarding your company against a cyberthreat has never been more critical. Cybercriminals steal more than data – they steal from your brand. Your customers place their trust in your company, and a breach in cybersecurity undermines that trust — especially when it involves confidential financial or personal information.

Not to worry. We pulled together a list of key things to do to reduce your cyber exposure and protect your company – and your customers – against data breaches, system hacks, phishing schemes, fraud, and other threats.

Ready to get started?

Step 1. Shore up your internal systems

• Top priority! Update company software with the latest security patches
• Establish firewall security for your networks and systems
• Install vulnerability management, endpoint protection, anti-spam and anti-phishing software on all machines – and update with new releases
• Engage a trusted SOC (Security Operations Center) and SIEM (Security Information and Event Manager) to monitor infrastructure activity
• Encrypt all company networks
• Block all non-company devices from networks, including WiFi
• Set up secure remote access via VPN with multi-factor authentication
• Require password protection and multi-factor authentication on all devices
• Eliminate all shared credentials and remove unnecessary admin-level access
• Conduct regular computer and server data backups

Top priority! Update company software with the latest security patches

Step 2. Work with trusted partners only

• Confirm that your bank, payroll processor, web host providers, IT vendors, and any other new or current partners with access to your system follow cybersecurity best practices
• Consult with your banker to ensure that your company adheres to the latest fraud protection controls and standards to protect cash management functions, including payables and receivables

Webster Customers: Did you know that Positive Pay can help detect fraud? Monitor incoming check and ACH payments on your business account(s) and identify potentially questionable activity right away, all through Webster Web-Link¨.

Step 3. Foster a culture of cybersecurity to get employees on board

• Implement regular security awareness & phishing training
• Alert employees of phishing schemes, scams, and emerging risks – like the charity scams that are currently rampant
• Require verbal verification of requests to avoid compromise of email systems and to thwart spoofing and spearfishing attempts to scam employees into revealing confidential information

Consult with your banker to ensure that you’re using the latest fraud protection controls and best practices to protect cash management functions, including payables and receivables.

Step 4. Update your operations planning

• Appoint a team member or team to spearhead security operations
• Define, document, and communicate security policies
• Develop and institutionalize a company-wide Security Incident Response Plan
• Draft financial procedures to reconcile payments and identify potential risk
• Determine an incidence response action plan to trigger in the event of a cybersecurity breach

Step 5. Consider cybersecurity insurance

• Explore coverages to protect against privacy, data, and network exposure, should your system be compromised or targeted
• Research the ROI of insurance costs over lost business revenue, data recovery costs, data breach resources, etc.

Want more tips? Check out our Ransomware Prevention Guide, or download our printable Fraud Awareness Checklist.

Disclosure:

The opinions and views expressed in this blog post are not intended to provide specific advice or recommendations for any company. Please consult professional advisors with regard to your company’s specific situation.