Do This to Prevent Cybercrime and Save Your Business from Disaster Cyber attacks are not a matter of "if" but "when."

By Kari Warberg Block Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

REUTERS | Kacper Pempel

Not long ago, I heard FBI Director James Comey say, "There are two kinds of big companies in the United States. There are those who've been hacked ... and those who don't know they've been hacked."

I took note and quietly patted myself on the back, knowing I'd taken precautions and thinking we were ahead of the game on this one.

But then I got the call every CEO dreads. It was a panicked employee who was about to send a screenshot of something they'd just seen on our intern's computer. "You have 96 hours to pay a ransom or your data will be permanently locked," the email read.

Related: 3 Lessons From Sony Pictures Cautionary Tale

Fortunately for us, we had a cyber-incident response plan already in place, and I immediately put the plan into motion. As a result, we prevented calamity. Policy, process and practices were what saved us from an embarrassing and debilitating breach.

We got lucky. Putting a number to all of those victimized by cybercrime is difficult -- if not impossible -- but news headlines ranging from the Home Depot, Apple iCloud and Anthem breaches make it clear: This can happen to anyone.

Cybercrime trends

There's a new risk every day. As quickly as technology grows and changes, so do the threats. Even if you think you're not at risk because you don't store consumer data, realize that hackers may target you to access larger businesses you deal with through portals or electronic data exchanges.

Threats are not just consumer data or intellectual property. Everything is interconnected. If hackers access the plans to one component, it may be interchangeable and create vulnerabilities in other processes, divisions, intranets or extranets.

Threats aren't limited to consumer data. Foreign powers and those willing to sell to the highest bidder can cause U.S. businesses to lose a competitive advantage on the global stage anytime a breach occurs.

Cybercrime prevention is now considered a cost of doing business

Cyber attacks are not a matter of "if" but "when." Cybercrime needs to be viewed as any other business risk, and the investment in cyber security cannot be negligible. According to a 2014 Hewlett Packard study, the average annualized cost incurred per attack was $12.7 million, with a range of $1.6 million to $61 million. For protection, experts suggest developing a cyber-audit committee with a multifunctional and multidisciplinary plan of action.

Related: Why Your Password is Hackerbait

Responding to an attack will require action from not only the IT department but from public relations, social media and customer service. A company has a very short window of time in which to inform customers of the breach. Do you know yours?

Risks aren't limited to a particular industry or a specific size of business. The profile of a cyber attacker may vary, but can be associated with organized crime, terrorists, nation states, internal threats or disgruntled employees and ransom attacks.

For international businesses, the risks are expanded and may change based on region. An outside risk assessment can provide invaluable insights that an internal team may not be able to provide. Even if your business's internal data isn't compromised, social media accounts can be hacked and cause serious damage to your reputation.

Even if you have a top-notch cyber security plan in place, human error can create some of the greatest risks for exposure -- as in our case, with an intern.

Protect yourself

  • Use long passwords. Do not use the same password for all accounts
  • Put policies in place that require strong passwords, and require new passwords that were not previously used at regular intervals
  • Avoid the temptation of "free" WiFi and hotspots. These networks aren't secure and your data can be exposed
  • Consider encrypting all emails
  • Develop a cyber-incident response plan that includes your board, legal, IT and management

Cybercrime is not a problem we're going to fix or solve. Businesses have to find a balance between the amount of resources they're willing or able to invest in security while maintaining effectiveness in all other areas.

As Bill Gates said: "Treatment without prevention is simply unsustainable."

Related: Obama Heads to Silicon Valley to Discuss Hacking Threats With CEOs

Kari Warberg Block

Entrepreneur, Founder and CEO of Earth-Kind, Inc.

Kari Warberg Block, CEO and founder of earthkind, is hailed as a market disrupter. Her company’s mission is to preserve the good and prevent the rest. In 2013, Block was chosen as one of the top three Small Business People of the Year by the U.S. Small Business Administration and is an adviser to the National Women’s Business Council, which advises the president, the U.S. Small Business Administration and the U.S. Congress. She’s made it her mission to help other inventors and entrepreneurs overcome obstacles and grow their businesses. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Leadership

Why Emotional Intelligence Is the Key to High-Impact Leadership

This article explores why emotional intelligence (EQ) is essential for modern leadership, its connection to business success and how leaders can cultivate it to drive results and inspire teams.

Thought Leaders

12 Big Ideas From Business Books Published in 2024

After considering more than 1000 books for our annual Non-Obvious Book Awards, a few big themes emerged. Read our trend recap and how these trends can help your business in 2025.

Business News

These Are the 10 Highest-Paying Jobs With the Lowest Stress, According to a New Report

From astronomer to geographer, these jobs will reportedly offer the highest paychecks with the least amount of stress in 2025.