It seems every day we learn about a new data breach, and the numbers keep getting bigger: 56 million records compromised in the Home Depot breach, 110 million at Target, and now 500 million at Yahoo, according to the Wall Street Journal.
Your small business clients will probably never face a breach of this magnitude, but even a few hundred compromised records can jeopardize credibility and cost the company thousands in damages. This makes early detection even more critical, because it takes a lot less time to steal a few thousand records than several million. Don’t let these numbers fool you. It’s not easy to steal millions of records, and it doesn’t happen overnight. These breaches are huge because companies aren’t catching them in time. Last year, data breaches went undetected for an average of 205 days. That’s a lot of time for a hacker to do damage!
How to Prepare for a Possible Data Breach
So what can you do to detect a data breach early? A good hacker isn’t going to announce his presence, but there are some warning signs you should be watching for:
Watch for Unusual BehaviorIf a program acts up, it could simply be a software or hardware malfunction, but it could be something much worse. Check the system for other irregularities.
Investigate Suspicious FilesIf malware is detected, or a user reports opening a suspicious file, don't take any chances. Assume that the malware has infected something, and don't stop investigating until you find out what, if anything, was breached.
Monitor System CommunicationRegularly review communication patterns on the network. If an employee’s computer is accessing other workstations or transmitting large amounts of data to somewhere outside of the network, this could be a sign of a compromise.
Run ScansKeep anti-virus and anti-malware programs up-to-date. Also run vulnerability programs, such as Microsoft Baseline Security Analyzer, to look for missing patches and other security risks.
Check Your CreditCustomer information isn’t the only confidential data on the server. Chances are, there's plenty of information about your client's company on there, too. Changes in your clients's credit rating could be an indication of fraud.
Protect Your Clients and Their Data
When it comes to potential data breaches, the most important measure a company or agency can take is to take no chances. If you detect anything out of the ordinary, investigate it like your business depends on it, because it just might. Checking into business credential monitoring can help, so you can respond quickly to any potential misuse.
Whatever you do, don't wait 205 days to notice the problem. Make sure your clients are protected with cyber liability. Not a memer of the AmTrust family? Join us now.
Barbra Merwin is senior vice president, state disability plans, for AmTrust North America, a multi-national property and casualty insurer specializing in coverage for small businesses.
If you loved this article, you might also like Insurance Industry Evolves with Increasing Exposures and Losses. Want to get more policy updates, industry news, and hot tips for growing your agency? Subscribe to our blog below to be the first to know when we publish a new post!
Editor’s Note: This blog was originally published on October 13, 2016 and has been updated and edited.