Global cybersecurity breaches are expected to cost $10 trillion annually by 2025, according to Cybercrime Magazine, while the cost to an individual business averages $4.24 million, says an IBM report based on an in-depth analysis of real-world data breaches experienced by over 500 organizations. The consequences of cybercrime, however, reach well beyond monetary loss. “We believe cyber-crime has serious implications for employment as repeated cyberthreats can jeopardize new investment and, in turn, job creation,” says Kevin Dennean, technology analyst, UBS Americas. “Previously, aggressors mainly targeted personal information, but the latest attacks against companies like Facebook or Sony have brought entire corporate IT infrastructures to a standstill.”
How can you protect your business?
Assess potential cyberthreats to create an action plan. A thorough grasp of potential cyberthreats across a company’s hardware, software, networks, messaging, and website can be the first step in working toward a holistic cybersecurity solution, according to the CIO blog Business owners: Three reasons to look beyond big tech. A cybersecurity risk assessment can identify vulnerabilities in your tech strategy and infrastructure. More important, you can use that knowledge to build an action plan for you and your staff to follow. That plan should include user training, guidance on securing email platforms, and advice on protecting the business’s information assets. The Small Business Association (SBA) shares planning and assessment tools on its website.
Invest in cloud security. “At the enterprise level, shifting to cloud computing has cut company costs significantly while increasing the risk of an online attack,” says Dennean. Though, the challenge with cloud computing is that no single team or process can assure a safe rollout, according to the security news site Threatpost. From code design to unit testing to deployment, teams and tools have to work together to detect risks early while keeping the pipeline of digital products moving. And, even then, there could be gaps in knowledge. Whenever possible, business owners should budget for cloud security because a third-party security provider can help to fill those gaps.
Use secure payment processing. Business owners can work with their banks or card processors to ensure they’re using the most trusted and validated tools and anti-fraud services, according to the SBA. They also recommend isolating payment systems from other, less secure programs and not using the same computer to process payments and surf the Internet.
Support customers in their awareness of, protection against, and prevention of cyberthreats. According to CIO, a collaborative approach to cybersecurity that incorporates customer awareness may become increasingly important. We live in a world where big data and the Internet of Things are increasing the value of data security for consumers, businesses, and other stakeholders, and, as in all security matters, a system is only as strong as its weakest link.
Validate all transactions with “real world” two-factor authentication. It is a sound policy to validate any financial transactions that your business conducts using another channel, such as a phone call. “Business Email Compromise,” as it’s been dubbed by the FBI, led to $1.8 trillion in losses in 2020, with the average victim losing nearly $100,000, according to the online magazine Money. The COVID-19 pandemic created optimal conditions for wire fraud scams, typically conducted through email. Taking the extra step to voice-verify transactions can provide a safeguard against this type of fraud.
For more on cybersecurity, see the CIO report Longer Term Investments: Security and safety 2 March 2022.
Click here for resources exclusively for entrepreneurs, founders, and business owners.
Main contributor: Kerry Breen
This article is for informational and educational purposes only and should not be relied upon as investment advice or the basis for making any investment decisions. The views and opinions expressed may not be those of UBS Financial Services Inc. UBS Financial Services Inc. does not verify and does not guarantee the accuracy or completeness of the information presented.
As a firm providing wealth management services to clients, UBS Financial Services Inc. offers investment advisory services in its capacity as an SEC-registered investment adviser and brokerage services in its capacity as an SEC-registered broker-dealer. Investment advisory services and brokerage services are separate and distinct, differ in material ways and are governed by different laws and separate arrangements. It is important that you understand the ways in which we conduct business, and that you carefully read the agreements and disclosures that we provide to you about the products or services we offer. For more information, please review the client relationship summary provided at ubs.com/relationshipsummary, or ask your UBS Financial Advisor for a copy.
UBS Financial Services Inc. is a subsidiary of UBS AG. Member FINRA. Member SIPC.
Review code: IS2201488