Friday, November 29, 2013

The Impact of a Cyber Attack on Your Business

"Statistics show that nearly 60 percent of small businesses will close within six months after a cyber-attack."

That's a scary statistic.  Today I'd like to take a look at how a cyber attack can affect your business.  Let's look at two potential attacks: a malware infection and a DDoS attack on your website.  The first shows the impact of an attack where a system is compromised and used to steal funds from your bank.  The second demonstrates indirect costs associated with an attack that prevents you from making sales.

What I want you to ask yourself is this, "How can I reduce my exposure to these risks?"  Let's look at this in non-technical terms.  Whether you choose to believe it or not, your SMB is exposed to both of them.

For the first example, suppose a virus were to infect a system and use a keylogger to obtain the username/password for your SMB's bank account.  You come in one morning and discover there's no money in your bank account.  If you think this can't happen to you, then ask Michelle Marsico, owner of Village View Escrow.  That's exactly what happened to her SMB.  Almost overnight cyber thieves robbed her company of $465,000.

In the second example you, or someone in your IT dept., receives an email from "Ivan in Russia" threatening to shut your website down unless you pay him $3,500.  Ask yourself, "How many sales per hour/day does my business generate through its website?  How much will we lose if it's down for several hours/days?"

In another real-life scenario, this is what happened to Endless Wardrobe, an online apparel retailer.  With the company's website down for a week, Andrew Burman, Endless Wardrobe's General Manager, estimates they lost "at least a few thousand dollars in business."

As previously stated, I want to look at this in non-technical terms.  The bottom line is your organization experienced a cyber attack that resulted in financial loss.  What can you do to recoup the losses?  I hate to be the bearer of bad news but the answer is most likely nothing.

The only way to protect yourself is to identify your exposure to the risk of a cyber attack.  Beyond implementing technical solutions, this involves, among many other things, working with your insurance company, bank and ISP.  Knowing what protections and guarantees these institutions provide beforehand can help you mitigate and recover any losses you may suffer.

Insurance - Talk to your insurance agent.  Determine what, if any, coverage you have against cyber attacks.  If you have coverage, make sure it covers data breaches, cyber theft or DDoS attacks.  If you don't, look at what is available from your agent or another insurance company.  In either case be sure to perform a cost-benefit analysis to make sure you have the right amount of coverage for your SMB.

Bank - You should be familiar with your bank's policies and procedures regarding cyber theft.  In many cases you may be out of luck, as business accounts are not afforded the same protections as consumer accounts.  If your bank does have a policy/procedure in place, make sure you know who to contact or how to report an incident.  One way of reducing your exposure to this kind of theft is through a two-factor authentication, or one-time password (OTP), login method for online banking.  If your bank offers this, I strongly recommend you take advantage of it.

ISP - While unable to protect you from cyber theft directly, your ISP can help you mitigate a DDoS attack, phishing campaign or malware infection.  Contact your ISP and see what their options for these types of protection are.

DDoS protection occurs at the network level.  Malicious traffic is filtered out here, before it hits your website.  Make sure you know what number to call or person/department to contact if you are experiencing a DDoS attack. 

For phishing and malware protection they may have a number of solutions.  These could be controls that block spam or prevent access to malicious websites.  Your ISP may be able to provide these services to you but they are usually on a subscription fee basis. 

It's more likely that they will have spam controls that individuals will have to set up on their own.  Ask them for instructions on how to use spam filtering on user accounts.  The ability to block users from accessing malicious websites can usually be found on the ISP-provided router.  Check the equipment's documentation or ask the ISP for instructions on how to configure web filtering at this level.

Knowing how to handle these three items in advance can significantly influence events in the wake of a cyber attack.  Being able to mitigate or recoup any losses suffered will help keep you from being one of the 60% who go out of business within 6 months.
