How Vulnerable Is Your Firm to Cyber Crime?

Here's how to reduce your exposure to risks you may not be aware of.

Treat your employees well and they’ll work harder. If that’s not a good enough reason, here’s another: Satisfied staffers are less likely to commit cyber crime against your company.

High-tech saboteurs can steal your data or unleash “malware” and computer viruses that wreak havoc on mission-critical systems. That’s why many entrepreneurs worry about the threat of hackers.

They’re right to worry.

While news accounts typically feature high-profile data breaches at huge corporations, small firms are actually at greater risk. A 2008 survey by McAfee found that 21 percent of small and midsize businesses reported an IT security attack, and one-third of those businesses experienced more than four such attacks in the last three years.

“A smaller company presents a more appealing target because smaller companies tend to lack the resources to invest in the type of access-management and data-leak-prevention technologies that would prevent an attack,” says Mike Spinney, senior privacy analyst at the Ponemon Institute in Traverse City, Mich.

Cyber crime takes many forms. Armed with computer passwords, hackers can penetrate your system and steal confidential or proprietary information. Or they can prevent customers from accessing your firm’s website. Some cyber criminals focus on smartphone software or voice over IP technologies (that provide voice communication over the Internet), posing risks for BlackBerry and Skype users.

Prevention starts with employee awareness. Train your staff to safeguard their passwords (no leaving them on sticky notes in plain sight!). Set guidelines on which websites workers can access from company-owned computers (no visiting shady online social networks that lack proper security!). Provide privacy screens for employees who travel (to prevent a seatmate’s prying eyes from spying!).

Threats From Inside

Even if you educate your workforce about cyber security, you’re still at risk. Disgruntled or renegade employees can become enemies from within.

“Insiders are responsible for between one-third to one-half of all cyber intrusions,” says Larry Clinton, president and chief executive of the Internet Security Alliance in Arlington, Va. “That’s why you should change the access codes when employees leave so that they can no longer get into your system. It’s surprising how often that’s not done.”

When IT employees leave your company, assign your new IT specialist (or a contractor) to conduct a vulnerability assessment. Identify any “back doors” that allow departing techies to corrupt your firm’s data.

If you partner with other organizations or outsource key functions, confirm that outsiders follow strict cyber security protocols. Stipulate in your contracts the specific precautions that you expect the contractor to follow to protect your data, Clinton suggests.

Keep close tabs on morale. If you push people too hard or engender ill will, you increase the odds that workers will turn against you.

Heed red flags of brewing discontent. Encourage people to come to you with their concerns rather than label anyone who voices constructive criticism as a malcontent.

“Keep your door open so that unhappy employees can vent their frustrations,” says Minda Zetlin, co-author of “The Geek Gap.”

Managing Your Techies

With their technical knowledge, IT employees can launch particularly harmful and costly cyber attacks. Zetlin offers these tips to manage your IT team:

  • Spread the knowledge. Ideally, you want at least two IT employees to oversee access to your firm’s computer network. Relying too much on one person to handle all IT operations increases your vulnerability.
  • Slam the cyber door shut—quickly. “Have in place a mechanism that lets you rapidly cut off access to your company’s servers,” Zetlin says. Immediately upon terminating an employee, disable that person’s access to your network.
  • Launch a charm offensive with IT contractors. Unhappy consultants can commit cyber crime just as easily as employees. Make them feel like part of the team and monitor their satisfaction levels.
  • Bring everyone together. In many workplaces, IT specialists work apart from the rest of the group. That’s a mistake, Zetlin warns. Rather than physically separate your IT team, integrate them with everyone else so that they’re more visible.

Because technology changes so fast, involve all your employees in combating cyber crime. Seek their input, share ideas and work together to expose and plug security gaps.

“The threat matrix is constantly evolving, so computer security requires constant vigilance,” Spinney says.

Morey Stettner is the editor of Managing People at Work and the author of five business books, including Skills for New Managers (McGraw-Hill). Based in Portsmouth, N.H., he coaches executives on their communication skills.


MORE LIKE THIS

  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events

    Roundtable

    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)

     

    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.