Insights from Your Michigan Bank
Despite publicity and awareness campaigns about cybersecurity threats, small-to-medium-size (SME) businesses remain vulnerable to hackers. According to the Federation for Small Businesses (FSB), SMEs battle about 10,000 cyberattacks—every day, because many small companies don’t invest in security or training to prevent breaches. With the average attack costing small businesses up to $200,000, lack of preparation can lead to a range of financial stress from constrained cash flow to insolvency.
Fortunately, banks in Michigan (and across the nation) monitor cybersecurity trends and have insights into tactics SMEs can employ to reduce the risk of breaches and hacks.
Top Cybersecurity Threats
- Phishing, where cybercriminals send emails to your team and try to trick them into sharing confidential or financial data, is a threat about 75 percent of businesses face Many companies deal with multiple phishing attempts throughout the year.
- What Can You Do?
- Train your team to recognize the ‘tells’ of phishing attacks such as unknown senders or strange email addresses.
- Keep your company’s antivirus software updated.
- Advise your teams that banks will never contact them to ask for corporate account information. Banks will only ask you to provide this information to verify your identity when you call them directly.
- Ransomware compromises business systems by encrypting files and requiring a ransom in order to recover the data. . As many as 20 percent of SMEs face an average ransom of about $6,000. But when you include the system downtime, costs can exceed an average of $140,000. Not to mention, the costs associated with discovering and investigating the attack in addition to reputational damage, making ransomware a significant financial threat.
- What Can You Do?
- Regularly back up your files to systems separate from your primary network.
- Keep software updated and control the devices connected to your network.
- A cloud data breach or cloud-jacking occurs when hackers access files you've stored in the cloud to read, modify, or control your information. Some violations involve malicious code appended to files that your team can download and infect your system with malware.
- What Can You Do?
- Cloud service providers are only responsible for the infrastructure; your team must protect data, control access, and identify and patch any vulnerabilities.
- Implementing multi-factor authentication (MFA), which asks for a third level of verification (after entering a username and password), can add robust protection to your cloud platform.
- Banks in Metro Detroit, Grand Rapids, and Ann Arbor also recommend using MFA with online banking systems.
Keep Your Business Financial Information Secure
You’ve worked long hours and invested energy, funds, and creativity to build your company. Protecting your financial information is essential to keeping your business running smoothly. But you’re also responsible for maintaining the confidentiality of information your customers share with you.
- In addition to following the steps outlined above, including instituting security protocols and training teams, schedule periodic audits of your systems and files.
- Partner with your Michigan bank to ensure you and your team understand best practices for preventing cyberattacks on your financial data.
For more information about the steps you can take to mitigate cyber threats and additional tips for protecting your business, please visit Level One Bank’s Security Center.
“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” – Stephane Nappo