While mobile and cloud-based technologies have made it easier to perform everyday business tasks such as accessing financial systems and monitoring transactions, ensuring the protection of your valuable data and systems requires the right balance of risk and resilience.
Unauthorized access and malicious code are currently among the most prevalent forms of cyber security in the workplace. This includes phishing campaigns in which an outsider mimics a company e-mail address or uses social engineering to assume the identity of the CEO, a company attorney, or trusted vendor. Business e-mail compromise of this nature often targets businesses that regularly perform wire transfers with foreign suppliers and/or businesses in an attempt to steal funds.
Managing risk and bolstering security against this type of fraud is increasingly complicated as cyber-attacks grow in sophistication and frequency. Securing IT systems involving vital business functions including human resources, supply chain, and research is more important than ever.
And while many organizations have dedicated professionals focused on preventing attacks from the outside, internal weaknesses such as mistakes by employees can be just as important to prevent as phishing attacks, third-party access, and lost devices.
A strong perimeter defense matters as much as properly vetting employees and contractors, and establishing carefully managed access to the information specific to roles within the organization.
The best defense involves responding to threats holistically through education, preparation, and risk transfer.
It helps to create a culture where your employees feel free to challenge the need for information, should they receive an email requesting a funds transfer. You want to encourage an ever-critical eye and vigilance in taking that extra step to verify before an irreversible transaction is made.
Moreover, cybersecurity in the workplace should be viewed in conjunction with an overall business continuity strategy, and your financial institution should be integrally involved in helping your business operate and perform successfully.
At Huntington, we can provide cybersecurity insurance coverage that protects against loss and help you minimize breaches by taking steps such as requiring dual approval on certain monetary transactions and advising on administrative changes that can go a long way to protecting your interests.
Our financial and insurance professionals are available to engage you and your colleagues in conversations regularly about how to avoid all types of risk that can interrupt your business.
And while it’s imperative to put a plan in place to prevent data breaches, it’s critical for companies to vet their cyber defenses periodically by testing them with employees and vendors who have systems access. Data security—like all security—is only as good as the weakest link.
It’s also important to hold insurance providers, payroll processors, benefits administrators and others to the same standards as internal users. Third-party providers who have access to any sensitive data regarding customers and/or employees should be held to the same auditing processes and go through the same rigorous vetting process used to ensure the security of internal data.
And just as companies are mounting strong cyber defenses with more secure Automated Clearing House systems, it’s worth noting that experts are seeing an uptick in non-cybercrimes, as more criminals resort to the old-fashioned route, such as check fraud, to gain access to company accounts.
Every person in the organization has a role to play in mitigating the risk of a cyber-attack. At Huntington, we can help you explore how to keep your financial data and transactions safe.