When it comes to ransomware and data breaches, we mostly hear about the attacks on massive corporations. After all, these cyber-assaults can affect millions, so it only makes sense that attacks on big businesses are the ones we hear about. However, this creates a false assumption that only big businesses are affected by cybercrime. Unfortunately, this couldn’t be further from the truth. In fact, small businesses and firms are often targeted by cybercriminals due to their valuable data and relative lack of cybersecurity protocols [1]. Many smaller companies still have not taken the threat of cybercrime seriously. In fact, 51% of small businesses have not dedicated any resources to cybersecurity [2]. In 2021, a year full of cybercrime and ransomware attacks, that’s a recipe for disaster.
Ransomware and data breaches can affect anyone from first-year law students to senior executives. Of course, large companies have sizable cybersecurity operations, so if cybercriminals strike, they’re prepared. For small businesses and firms, however, it’s up to individuals to protect themselves and their clients. Thankfully, there are easy, inexpensive ways for smaller companies to keep themselves safe from cybercrime.
Secure Passwords
Many of us are guilty of using the same password for multiple accounts. It’s perfectly logical to reuse passwords sometimes when we have hundreds of online accounts for various businesses, social media sites and software. However, using just one password for all your accounts can be disastrous, especially if your work passwords are reused. Think about it: If your Facebook password is leaked, and you have the same password for every account, in effect, all your accounts are leaked. While you don’t need unique, thirty-character-long passwords for every account, ensuring that your passwords are varied and strong keeps your most important data safe. Having one of your passwords leaked is bad, but manageable; having all of your passwords leaked is catastrophic.
Cyber Insurance
Cybercrime can still occur even when precautions have been taken. That’s why it may be smart to invest in a relatively new insurance offering, cyber insurance. Many large corporations utilize cyber insurance to minimize the financial risk of a data breach. In fact, after Target’s 2013 data breach, cyber insurance covered USD $90 million of the total damages [3]. For smaller businesses and law firms, one cyberattack could be financially devastating enough to shutter doors permanently. It is a significant investment, but cyber insurance could pay off in the long term.
Ethical Hackers
One of the quickest, easiest ways to determine if your small firm has a security hole is to hire a white hat, or ethical, hacker. The job of a white hat hacker is to breach a company’s computer system, but with permission. Once the hacker gains access to the system, they can snoop around, looking for vulnerabilities. If a vulnerability is found, they simply tell the company and potentially fix it. While the idea of letting a stranger into your computer systems may sound frightening, this process is one of the best ways to prepare for cybercrime. After all, if you find and patch the vulnerabilities, there isn’t much a cybercriminal can do to your business.
Of course, ethical hackers don’t come cheap, and the more experienced an ethical hacker is, the higher the cost. Big corporations have paid from USD $1,000 to USD $15,000 for white hat hackers to breach their computer systems and look for security vulnerabilities [4]. While hiring or contracting an ethical hacker can be a large investment, there’s no better way to determine if your firm is prepared for a cybercriminal attack.
Culture of Security
In addition to paid solutions, a free technique to protect you and your firm’s cybersecurity is to encourage a culture of security. This means updating your software often, using encryption, and being knowledgeable about modern technology and its risks. First, updating your software is one of the easiest ways to minimize the risk of cybercrime. In fact, the infamous Equifax data breach of 2017 occurred because Equifax simply forgot to update its security software when a vulnerability was detected [5]. Keeping software up-to-date is one of the simplest ways to keep yourself and your firm protected. Next, using encryption is an inexpensive, useful tool to keep your documents safe from data breaches. If your documents are unencrypted, cybercriminals have easy access to your most vital files. Encryption provides an extra layer of security that keeps your documents safe from data breaches and leaks.
Finally, cybersecurity education is the largest part of a culture of security. When everyone is aware of cybersecurity risks like phishing scams and the danger of public Wi-Fi, the risk of cybercrime is minimized. Simply informing your friends and coworkers about modern cybersecurity risks helps cultivate a culture of security that helps you (and your clients) stay safe from cybercrime. Simply put, staying informed on cybersecurity is a long-term, effective solution to minimize the risk of ransomware attacks and data breaches.
Backup Your Data
Whether you’re a thirty-year veteran at a firm or just starting your first job in the workforce, backing up your data offline could be the most important strategy on this list. Security vulnerabilities and cybercriminals pose a threat to cloud-based files. If you get locked out of this online data by cybercriminals, you’ll be forced to either pay a hefty ransom or lose all of your online files. The solution? Simply backup your documents offline. And don’t do it just once! At least monthly, copy your files to an offline hard drive. Backing up your documents offline ensures that you, or your firm, are able to continue working even if a cyberattack hits.
Try AXEL Go
If you’re ready to start creating your culture of security, try AXEL Go. AXEL Go is a cloud file-sharing software with an unwavering focus on privacy. AXEL Go lets employees and students share, store, and collect documents securely, all in a simple, easy-to-understand user interface. Offering military-grade encryption, blockchain technology, and decentralized servers, AXEL Go offers the perfect pairing of simplicity and stringent security. To try AXEL Go free for two weeks, click here.
[1] Shankar, AJ. “Council Post: Ransomware Attackers Take Aim at Law Firms.” Forbes. Forbes Magazine, March 11, 2021. https://www.forbes.com/sites/forbestechcouncil/2021/03/12/ransomware-attackers-take-aim-at-aw-firms/
[2] Knutson, Ted. “Small Businesses Bearing Brunt of Ransomware Attacks, Senate Told.” Forbes. Forbes Magazine, July 28, 2021. https://www.forbes.com/sites/tedknutson/2021/07/27/small-businesses-bearing-brunt-of-ransomware-attacks-senate-told/?sh=705864499556
[3] Newman, Craig. “Target’s Cyber Insurance: A $100 Million Policy vs. $300 Million (so Far) in Costs.” Patterson Belknap Webb & Tyler LLP, January 16, 2019. https://www.pbwt.com/data-security-law-blog/targets-cyber-insurance-a-100-million-policy-vs-300-million-so-far-in-costs/
[4] Fazzini, Kate. “Some Freelance Hackers Can Get Paid $500,000 a Year to Test Defenses of Companies like Tesla.” CNBC. CNBC, December 13, 2018. https://www.cnbc.com/2018/12/12/freelance-hackers-get-paid-to-test-the-defenses-of-firms-like-tesla.html
[5] Ng, Alfred. “How the Equifax Hack Happened, and What Still Needs to Be Done.” CNET. CNET, September 7, 2018. https://www.cnet.com/tech/services-and-software/equifaxs-hack-one-year-later-a-look-back-at-how-it-happened-and-whats-changed/