The time is right to take a closer look at cybersecurity as part of your business plans.
Building a client-attracting reputation can take years; losing that reputation can happen overnight.
With ransomware attacks on the rise and the constant threat of Russian hackers (plus possible retaliation for the backlash to the war in Ukraine), the time is right to take a closer look at cybersecurity as part of your business plans.
“Cell phones, web access, data storage and other everyday technology have made businesses vulnerable to cybercriminals targeting proprietary information and money,” says author John Iannarelli, a retired special agent with the FBI who regularly speaks and consults on cybersecurity.
Marketing today relies upon email, websites and computer networks to conduct outreach. This also means that small-scale businesses such as strategy consultants, business coaches and marketing agencies can be hacked, resulting in sensitive data and money being stolen. Iannarelli is a great resource on how to protect your business reputation.
“The reputational damage can impact the company’s ability to conduct future business,” says Iannarelli. “To protect against a cyber-attack, a business must understand the risks. Employees should be educated as to the various cyber threats.”
Iannarelli was an FBI special agent for more than 20 years, during which time he served as the FBI’s national spokesperson, was a member of FBI Cyber Division executive staff, on the FBI SWAT team, and was an assistant special agent in charge of overseeing all criminal, cyber, and counterintelligence investigations. He is the author of multiple books and is a regular contributor to national news media.
He participated in many extensive investigations, including: the Oklahoma City bombing, the 9/11 attack, the shooting of Congresswoman Gabrielle Giffords, and the Sony hack. As a speaker he shares his extensive experience through intriguing storytelling and has presented to Fortune 500 companies, the United Nations, and even at the Vatican where he met personally with Pope Francis.
In short, when it comes to cybercrime, the man knows stuff. We met when he asked for help editing a book about the funny side of his career in law enforcement. With all the news reports about the rise of cybercrime, recently I interviewed him so I could get an update on how small business can avoid being a victim.
“Small and medium-size businesses are especially vulnerable because cybercriminals know smaller-scale operations have less available resources to combat these attacks,” says Iannarelli.
Additionally, he notes, a cyberattack necessitates the added cost of hiring computer professionals to fix the problem, along with attorney fees to defend against lawsuits, and regulatory fines for what might have otherwise been avoidable compliance failures.
Two of the biggest threats he warns against are:
Phishing. “This is a common cybercrime where the cybercriminal sends an email with an attachment that, when clicked, downloads malware onto the computer system,” says Iannarelli. “The malware can then allow cybercriminals to access sensitive data from the company’s network, such as bank account information, credit card numbers, and private email messages. An employee trained to first think before they click can be the best defense against a malware attack.”
Business email compromise. “This involves a cybercriminal hacking into the company’s network to review business email,” says Iannarelli. “Upon determining who handles the company’s financial transactions, the cybercriminal will impersonate a vendor awaiting payment and provide false wiring instructions. Having cyber protocols in place that govern how money is paid based upon email requests can prevent the company from becoming victim.”
Additionally, Iannarelli advises all businesses to employ basic technology defenses, to include secure firewalls and web filtering software to prevent employees from accessing nefarious websites.
“Although such steps cannot eliminate every cyber risk, these efforts can greatly reduce the likelihood of an incident and make the business a less-attractive target, causing the cybercriminal to look elsewhere for another victim,” says Iannarelli.
