It’s Week 1 of Cybersecurity Awareness Month—an initiative launched by the National Cyber Security Alliance and the U.S. Department of Homeland Security in October2004.

 

This year’s theme is “Do Your Part. #BeCyberSmart.”

 

As part of our effort to raise awareness and educate small and medium-sized businesses about cybersecurity, cyber risk management, and cyber insurance, this blog series will offer insight into those topics, provide useful tools, and coincide with the weekly themes of this year’s national campaign.

 

As our lives have become increasingly dependent on technology, virtually all personal and business data is kept on internet-connected platforms, which can become a gold mine for bad actors. Here we offer ways to focus on general cyber hygiene to keep your information safe. 

 

Question: What is the first thing you should do to protect your company’s—and your customers’—data?

 

The answer is simple but may not be obvious and is often overlooked. Take an inventory of all your data. Know where all of your data lives. Then categorize it according to whether it is public (any information available in the public domain), private (information concerning a person that can be reasonably expected to be secured from public view), or regulated (information that must be provided by a company to a regulatory agency).

 

Know who has access. It’s likely that any given company is suffering a data loss or theft from departing employees at this very moment! According to one report, as many as 72% of departing employees admit to taking company data, and 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement.[1] Make it a regular practice to audit each individual—current and former—and their respective access levels on a regular basis.

 

Next? Back it up! This process involves copying files onto removable hard drives, which would then be stored in a separate location, or investing in cloud backup, through which data is kept in offsite servers.

 

Download this infographic for additional steps you should take to protect your company’s—and your customers’—data.

 

Every day there seems to be news of a data breach. What are organizations doing wrong and how can they protect themselves? That is the question that the IndianapolisBusiness Journal asked a panel of thought leaders in their special article on technology and cybersecurity.

 

Trava’s Co-founder and CEO Jim Goldman says, “I think it’s less about what organizations are doing wrong, and more about not doing enough.” 


He goes on, “Today’s cyber risk management must involve a comprehensive integrated strategy that first includes understanding your risk with regular vulnerability risk assessments.”

 

Hackers are getting more sophisticated and more aggressive, evidenced by the rising number of small and medium-sized businesses that are falling victim to cyber attacks—two out of every three last year, according to one study.[2] Trava’s automated assessments that check for vulnerabilities in external and internal environments predict how hackers might get into a system, informing better defenses against cyber threats.

 

Another benefit to performing regular vulnerability risk assessments is that they point out other problems that could lead to data loss or destruction of IT assets, be they from malicious software or from a natural disaster. It also can determine if cameras or additional physical locks are needed. Many businesses are surprised when they find existing security protocols have been inadvertently overlooked.

 

For detailed descriptions, key insights, and recommended frequency for each scan type, download our ebook.

 

Citations

[1]Agnew, Richard, YourEmployees are Taking Your Data, Infosecurity Magazine, 10 Oct. 2019, RetrievedJune 25, 2021https://www.infosecurity-magazine.com/opinions/employees-taking-data/

[2]2018 Stateof Cybersecurity in Small and Medium-Sized Businesses report, PonemonInstitute, LLC, November 2018