How to protect your business from cyber attacks?

We live in the digital age, where cyber attacks continue to increase and we must prepare to protect our confidential information. Cyber attacks are those criminal acts that seek to steal, expose and/or take control of a computer system. As a result, they can use the information collected through the cyber attack for financial gain, identity theft, and disruption of a company’s services.

Due to the pandemic, companies have had to digitize their processes and make accommodations so that their employees can continue working remotely. Inevitably, the information of these companies is exposed to different connection systems and, therefore, different computer security risks and threats.

In Puerto Rico, there has been a drastic increase in cyber attacks in 2022, compared to previous years.

Why do I need to protect my business from cyber attacks?

It is important to protect your business from cyber attacks to avoid loss of income, operational damage, legal proceedings and leakage of confidential information. By taking proactive measures, you ensure the confidentiality and integrity of your company. Likewise, everything possible should be done to safeguard customer information. Companies are responsible for mitigating the risk associated with the cyber world.

The most common cyber attacks for companies are:

• Phishing – Phishing is a cyber attack method that attempts to trick victims into clicking on fraudulent links in emails. These links can lead your employees to share private information, putting their personal information and that of their company at risk. Due to technological advances, phishing has become more difficult to detect and usually arrives through emails.
• Business Email Compromise (BEC) – This is when the company’s email is compromised. These types of scams are sent by criminals and are usually directed towards companies that make electronic transfers. They intercept the email and exchange the transfer information to redirect the funds.
• Malware – Malware is a malicious software that seeks to be installed in various ways. It can be installed by clicking a link, downloading an unknown file, or opening an untrustworthy software program. Malware seeks to cause damage and obtain information through data transmission.
• Ransomware or ransom malware– is a type of malicious software that prevents users from accessing their system or personal files and asks for payment to access them again.
• Social engineering – Attackers use various techniques to convince a victim to reveal information that someone can use to conduct malicious activities.
• Denial of Services (DoS) – DoS is the process where attackers generate multiple requests to the server until it collapses and renders the system inoperative. This cyber attack affects business operations directly, causing economic damage.

How do I protect my business from cyber attacks?

• Educate your employees – It is important to provide your employees with basic knowledge about possible cyber attacks, how to identify them and what to do if they are a possible victim of a cyber attack. By providing training on the importance of cybersecurity, you keep your work team safe and avoid possible cyber attacks on your company.
• Do not share confidential information – A vital step to protect your business is to keep security codes and passwords secret. Be careful when sharing any information and/or access to your work team.
• Implement data security systems – By choosing a data security system you can benefit from the reliability that provides additional protection to your company’s information. It also helps protect and monitor information that is happening outside the company, through remote work. For example, using a virtual private network, VPN, can help develop a protection plan for your company’s data.
• Continuous monitoring – Continuous monitoring of information allows your company to be transparent and responsible. This includes, but is not limited to, monitoring your database, systems, networks, transactions and bank accounts. If monitored properly, threats of cyber attacks can be prevented.
• Implement a response plan – Implementing a response plan is vital to ensure business continuity if any cyber attack arises. This plan helps identify information risks, design a program to monitor company information, and establish a data theft recovery plan.
• Use SecurLOCK™ for business cards – Oriental offers you a free, easy-to-use mobile application to protect your business transactions. SecurLOCK™ will allow you to activate or deactivate your card instantly, view your recent transactions and receive instant alerts.
• Additional ways to protect your business – Additional resources can be used to protect your company’s information and data.
  1. It is recommended to upload information to the cloud, also known as a ‘Cloud System’. This allows you to store data and improve its security.
  2. You can implement ‘Endpoint Protection’ to protect networks that remotely connect portable devices that are connected to corporate networks.
  3. Install an antivirus to protect your network against cyber attacks.
  4. Keep systems up to date to minimize threats from cyber attacks.

What should I do if my business is the victim of a cyber attack?

• Ensure continuity of service to avoid additional consequences.
• Notify potentially affected internal and external customers.
• Determine the causes.
  • o It usually requires performing a forensic analysis of the company’s systems. For this you will need the services of a company specialized in cybersecurity.
• Implement a response plan
• Report the attack to the Cyber Crimes Division of the Puerto Rico Police or the FBI.

At Oriental, we want you to have the techniques and tools that allow you to be ready to prevent fraud. Learn more at smarter101.com. We recommend contacting your legal or cybersecurity advisor for expert recommendations. The information provided is for informational purposes only and not as professional cybersecurity advice.