—What’s more, given that digital threats tend to go an average of 101 days before being detected by business operators, the damage to an organization from such compromises can quickly add up.

Consider the case of humanitarian aid trip organizer Volunteer Voyages, a single-owner small business which suffered $14,000 in fraudulent charges after an online thief pilfered its debit card information, which the bank refused to reimburse. Or that of popular online food delivery startup DoorDash, which suffered a major data breach this past September, with hackers having accessed sensitive user data for over 4.9 million customers, resulting in tens of thousands in expenses. Likewise, government contractor Miracle Systems, which provides IT and engineering services to over 20 federal agencies, recently suffered losses of $500,000 to $1 million due to an internal server breach.

See:  Cybercrime FinTech, Flare Systems, Raises $1M, Led by Luge Capital

However, considerable as they are, these charges do not factor in additional damage to intangible assets such as brand reputation and customer goodwill. Case in point: Miracle and its clients were later shocked to discover that their data was openly being advertised for sale by hackers on international cybercrime forums for a starting price of $60,000.

Ironically though, even with 480 new high-tech threats now introduced every minute, according to anti-virus provider McAfee, human error still remains one of the greatest threats to organizations’ well-being. With just 3 in 10 employees currently receiving annual cyber security training, it’s all too easy for enterprising con artists or e-mail scammers to circumvent even the most cutting-edge digital safeguards.

Noting this, the over 30.2 million small businesses in America now at risk of digital disruption are advised to adopt a comprehensive mix of both high- and low-tech strategies for combating cyber threats, including:

• Making daily backups and duplicates of data and files that can be retrieved in the event of system compromise or ransomware (malicious software that holds accounts/networks hostage until large sums of money are paid).
• Installing and regularly updating anti-virus, network firewall, and information encryption tools to scan for and counteract viruses and harmful programs; guard against incoming network or denial-of-service attacks; and keep sensitive information safe.
• Routinely monitoring and scanning any device that’s connected to a computer system or network, and prohibiting the use of removable media (e.g. USB drives) at work.
• Limiting employees’ access to only the files, folders, and applications that are required to perform routine on-the-job tasks.
• Providing regular, up-to-date training for staffers at least every 90 days on the latest online threats and trends in cybercrime.
• Engaging in teaching drills and exercises grounded in real-world everyday scenarios that test employees’ ability to detect scammers and respond appropriately to fraudulent requests.

See:  10 Key Issues For Fintech Startup Companies

• Instructing staff about the dangers of clicking on unsolicited email links and attachments, and the need to stay alert for warning signs of fraudulent emails (among the fastest-growing forms of “phishing,” a.k.a. online con artistry, today).
• Utilizing multifactor authentication (requiring multiple checks and approvals) before authorizing any major, uncommon, irregular, or allegedly time-sensitive requests.
• Conducting ongoing vulnerability testing and risk assessments on computer networks and applications to seek out and address possible points of failure before they arise.
• Implementing artificially-intelligent cyber analytics tools that can scan networks, user accounts, and applications to determine what passes for normal behavior, and auto-detect and immobilize suspicious activities before they spread.

Continue to the full article --> here