by Marianne Cederlind Executive Vice President and Chief Business Banking Officer / Mission Valley Bank
A recent article written by the Independent Community Bankers Association provided the reminder that the U.S. Department of Homeland Security warns to never give sensitive information to anyone unless you are sure they are who they claim to be and that they should have access to the information. It’s every business owner’s worst fear that they could be the next target.
In today’s business climate, cybercriminals target small businesses with ever-increasingly sophisticated attacks. Spoofed emails, malicious software and online social networks to obtain login credentials to businesses’ accounts, transfer funds from the accounts and steal private information are on the rise.
So, what can and should businesses do to protect themselves? Because cyber-crime can devastate any business, large or small, the best defense is a strong offense. Businesses need to start with a secure IT environment that includes up-to-date anti-virus programs, anti-spyware programs, firewalls and strong passwords that are changed frequently.
However, strong IT infrastructure and internal controls are not enough; employee education is key. Hackers seek weaknesses, such as unwitting employees that may fall for one of the countless social-engineering scams that are prevalent today.
Employees need to understand that the company takes cyber security very seriously. By taking the necessary steps to continually educate staff members on safe Internet and email practices, a business decreases its vulnerability to cyber-crime.
If you believe someone in your organization might have revealed sensitive information, report it to the appropriate people within the organization, including network administrators so they can be alert for any suspicious or unusual activity. Immediately change passwords that might have been revealed. If the same password is used for multiple resources, change it for each account and do not use that password in the future. Watch for other signs of identity theft.
Combating account takeover is a shared responsibility between businesses and financial institutions. Bankers can explain the safeguards businesses need and the numerous programs available that help ensure fund transfers, payroll requests and withdrawals are legitimate and accurate. In addition to constant internal education, Mission Valley Bank works with clients to establish and explain safeguards businesses need to protect themselves with online activity.