Dun & Bradstreet

RESOURCE

Cybersecurity Risk Management

Data is an Asset – Are You Protecting It?

Cybersecurity refers to the tools, processes, and expertise used to protect computer networks from intrusions by outside parties. Data theft is a major concern for businesses, and cybersecurity analysts are tasked with identifying and defending against hacking attempts. Companies that fail to take cybersecurity seriously may suffer financial, operational, and reputational damage.

There are many reasons someone would steal sensitive information, from identity theft to corporate espionage. The list of companies recently targeted by hackers includes household names from the retail and finance sectors. Building a robust cybersecurity framework has become a priority for businesses that collect or distribute sensitive information. In today’s digital economy, that encompasses both corner stores and multinational corporations.

How Cyber Threats Affect Businesses

Hackers are adept at uncovering system and software vulnerabilities that allow them to access or disrupt business networks. The risk of an intrusion is very real. Here are five common types of cyberattacks and how they can affect a business:

How Cyber Threats Affect Businesses

Hackers are adept at uncovering system and software vulnerabilities that allow them to access or disrupt business networks. The risk of an intrusion is very real. Here are five common types of cyberattacks and how they can affect a business:

Malicious code, such as a virus, is introduced to a network through an email, a link, or a physical upload. The malware can wreak havoc on internal systems, stealing data, erasing files, or blocking access for authorized users. Malware that infiltrates a point-of-sale system, for example, can monitor credit card swipes and expose businesses and customers to identity theft risks.

So-called ransomware attacks are a variation on this theme, with hackers demanding payment in order to repair the damage they’ve done.

Malware spans three risk categories: operational, financial and reputational. In many cases, computers infected with malware become very expensive paperweights. Businesses often lose access to customer files, inventory records, and other electronic documents. When a company’s ability to operate is disrupted, financial damage is all but assured. Finally, news of hacks can cost a business customers or expose it to lawsuits.

How to Prevent Cyberattacks

Cybersecurity experts must protect networks against attacks on multiple fronts. New viruses and security vulnerabilities are discovered daily, but businesses can adopt best practices to help shield themselves from cyberattacks:

  1. Educate employees about malware and phishing. Many people have at least a passing familiarity with the idea of computer viruses. Explaining how common attacks occur, including how to identify suspicious communications, can provide a good first-line defense against hackers. Ask employees to forward these messages to your IT team for further analysis. Network administrators may be able to block senders from delivering more messages.
  2. Ensure that communications are encrypted, and install software patches as early as possible to bolster security controls. Virtual private networks (VPNs), WPA2 and SSL encryption, and security updates from software publishers can all work together to make your network more resistant to hacking. Many attacks used by hackers are already known to cybersecurity experts, and these professionals have written code to protect against the threats. Take advantage of software patches as they become available.
  3. Establish strict data security policies. All employees should understand what the company expects in regard to data and device security. How should people log on to company systems when working remotely? What are their responsibilities when taking laptops or USB drives outside of the office? Most importantly, explain reporting standards that should be followed when an attack is suspected. Don’t wait until after an information security incident to consider the answers to these questions.

Cybersecurity Risk Management and Your Vendors

Many businesses share data with third-party vendors. Cloud-storage solutions may house customer information on servers owned by another company. As a result, a business depends upon another company’s cybersecurity risk management framework to secure data. Management must perform their due diligence when entrusting sensitive files to another party.

The cybersecurity threats discussed above can also affect your business partners. What can a company do to manage risks to data stored externally?

  1. Research potential vendors and existing partners. Learn all you can about their business, including data breaches that may have affected them in the past. You can consult business information databases and media reports to help uncover such incidents.
  2. Ask your partners about their data security infrastructure and policies. A business has every right to know how a vendor will safeguard their information. Pursue answers to your questions until satisfied that the other company is doing all it can to protect your data.

The battle between cybersecurity professionals and hackers will persist into the foreseeable future. Cybersecurity risk management can help businesses take steps to protect their digital resources from hackers.

Now available! The new D&B® Cyber Risk Rating assesses suppliers’ potential vulnerability to cyber threats and the likely impact of a breach on their financial health to help protect your organization’s supply chain.

Explore Our Solutions

Fraud Risk Solutions

Remain vigilant with comprehensive data, specialist insights, machine learning technology, enhanced due diligence, and fraud investigation services.

Learn More

There are multiple Contact Forms popups in the page. Only one Contact Form popup could be present on single page. Please reconfigure Contact Forms and refresh the page.