Cybercrime is on the rise, and the onset of the COVID-19 pandemic has left businesses more vulnerable than ever. In the first nine months of 2020, hackers exposed 36 billion records through methods such as phishing and malware.

A big reason businesses don’t prioritize cybersecurity is that many don’t recognize the gravity of cyberattacks. Securing your online system protects everything from your employees’ personal information and health records to your intellectual property and data. Here are five essential ways to safeguard your business against cybersecurity threats.

–

1. Back up your data.

–

Most businesses are familiar with data backups; in fact, over 90% of companies claim to secure their information through backups. However, out of this number, only 28% perform weekly data backups.

Nearly 70% of companies are losing precious information because they did not back up their recent data, according to Acronis. The simple task of securing your files on either a virtual database, like cloud storage, or a physical database, like a USB drive, will grant you access to your information in cases of cyber threats, as well as accidental deletions and power outages.

–

2. Install security software.

–

According to Tessian, 88% of cybersecurity breaches are the result of human error. In other words, most cyberattacks take place because of the unintentional actions of employees, such as clicking on malware or using a vulnerable password. A Google/Harris poll found that 65% of people use the same password across all or multiple sites, making it easy for hackers to access workplace systems.

Downloading security software can help prevent these mistakes from occurring. In addition to anti-virus software and firewalls, it’s advisable to set up spam filters to protect against phishing campaigns.

–

3. Use encryption and MFA.

–

Encryption is a technique that encodes information, making it impossible for hackers or anyone outside of your workplace to consume your data. The number of businesses that utilize encryption is on the rise, with nearly 50% of companies claiming to encrypt their data in 2020.

While encryption is a strong line of defense, it should not be your only one. Businesses should take advantage of multi-factor authentication (MFA) to prevent cybersecurity breaches in the first place. MFA requires extra information, such as a unique code sent to a mobile device, to protect against hackers.

–

4. Protect against internal threats.

–

Verizon claims that 30% of data breaches come from internal actors. While you can do your best to hire trustworthy employees, it’s impossible to verify the reliability of every single person you hire. Methods to prevent internal breaches include:

¯ Outlining strict computer policies (forbid employees from bypassing firewalls)

¯ Installing IDS (intrusion detection systems)

¯ Changing passwords frequently (and especially when employees leave).

In just the past two years, the number of internal cybersecurity breaches has escalated to 47%, according to The Ponemon Institute, making it more essential than ever to implement these policies and changes.

–

5. Create an incident response plan.

–

When it comes to physical emergencies, such as fires, most workplaces have a plan in place. However, an IBM study found that an overwhelming 77% of organizations do not have a response plan ready when it comes to cybersecurity. Considering that, according to a Black Hat USA survey in 2019, 65% of business leaders predict the occurrence of a security breach in their organization in the coming year, you should have a protection plan ready.

An incident response plan (IRP) is a set of instructions designed to help recognize, address and recover from network security threats. In short, an IRP calls for creating a list of responsibilities for team members, summarizing technologies that the team should use, and detailing a data recovery process.

The main purpose of an IRP is to detect a cybersecurity breach as soon as it happens. In the unfortunate incident that employees fail to prevent the breach, knowing about the incident can lead to a smoother and swifter recovery. Believe it or not, in a 2016 Bitdefender survey, 74% of companies reported that they didn’t even know how hackers gained access.

–

Cybersecurity resources

–

The fact that we can’t physically see cyberattacks doesn’t make them any less dangerous. A single data breach in the United States can cost a company over $8 million and expose employees’ and clients’ personal information, hurting the brand itself and the people behind it. That’s why it’s more important than ever to take steps to secure your business against cybersecurity breaches.

—

Paula Fleming is chief marketing and sales officer for the Better Business Bureau serving eastern Massachusetts, Maine, Rhode Island and Vermont. She is based in Marlborough, Massachusetts.