Cybersecurity is essential for everyone, but it’s also unique to the individual, said one security expert.
“One of the areas of confusion for cybersecurity is that it’s one size fits all,” said Jake Nix, founder & CEO of RISCPoint at the Aug. 4 OSCPA Town Hall. “And realistically, cybersecurity means different things to different organizations.”
Hackers are constantly looking for ways to disrupt businesses, said Nix. Stealing funds and employee information are just some of the ways criminals can ruin a business, but cybersecurity is a way to guard against attacks from ransomware to phishing.
Coming up with a cybersecurity plan should be your first step in protection, Nix said, and that means understanding the “crown jewels” of the business. Doing an asset inventory and performing a risk assessment will help determine what’s most valuable.
For businesses that think they are too small to invest in cybersecurity, Nix said there are numerous accessible resources at a variety of prices. Cybersecurity is nonnegotiable for businesses that want to be sustainable.
He recommended password managers as another layer of security, and specified that passwords need to be auto generated. Using a password manager for a weak password like “BusinessName123” will not be effective.
“It sounds simple and something like we should all be used to, but the number of breaches, bank theft and identity theft that occur because you have an unsecured password is astounding,” he said.
Another protection is multi-factor authentication, which Nix said is essential for everyone, no matter whether it’s a business or personal account.
Cybersecurity is a never-ending journey, Nix said, and if you use the internet, it’s important to remember you, or your business, are vulnerable to hackers. But putting protections in place can make all the difference.
“At the end of the day, anything can be hacked,” he said. “But at least you’re taking proactive steps to protect yourself from something critical being hacked.”
Register for the Sept. 15 Town Hall here.
To enhance your learning on cybersecurity, visit MyOSCPA.