Spencer Heaton—A&S System Consultants
The numbers are in for 2020, and they show we’re losing the war on cybercrime. According to multiple reports, ransomware attacks rose in Canada and around the world in the third quarter last year.
SonicWALL, a Cybersecurity firm, found that although overall malware volumes started to decline in Q3 and again in Q4, ransomware attacks jumped 40% reaching 199.7 million attacks globally by the end of last year. CheckPoint, a cybersecurity solutions provider, reported a 50% increase in the daily average of ransomware attacks compared to the first half of 2020.
Experts attribute this jump to existing security gaps in the IT systems of most small to midsize businesses created by the rapid changes in business structures due to the pandemic. Most were easily preventable.
Brokerages fall into cybercriminal’s prime target group—just look at the number of attacks against the Canadian insurance industry last year. They’re usually small to mid-size businesses holding client data and personal information, items easily sold on the dark web. It makes sense they’re labeled as low hanging fruit, yet most brokers haven’t completed a cybersecurity assessment to determine how to protect themselves which, ironically, is typically a requirement from most cyber coverage carriers.
Ensure you’re aware of the risks you face from ransomware attacks. Follow these steps and you’ll be better prepared to fight the cybercrime pandemic happening right alongside Covid-19.
3 STEPS TO PROTECT BROKERAGE & CLIENT DATA
1) Complete a Self-Assessment or Hire a Cybersecurity Firm to Complete One For You
It’s crucial to ensure your systems are properly secured. Items like multi-factor authentication for all servers and workstations, cloud-monitored endpoint protection and hardened email services are a start. A proper assessment will identify where you’re vulnerable so you can address any weaknesses and ensure your client’s data isn’t breached.
2) Educate Yourself and Your Staff
You’re only as strong as your weakest link. Become the security leader of your firm, help your staff become vigilant and instill a mindset to question everything that doesn’t seem right.
3) Invest in Business Continuity and Disaster Recovery (BCDR)
Your ability to recover is the key to surviving a cyber attack. Ensure all data is backed up and can be easily, instantly restored—down time and complexity cost money! Include emails, local and cloud data, user’s desktop and my documents. Any device or location that holds business or client data is vulnerable and backup solutions are relatively inexpensive, especially compared to paying ransom or having to recreate lost data.