Each state in the U.S. takes its own unique approach to how companies are required to handle data breach regulations. In 2018, Arizona took a look at their antiquated regulations and decide that, because they were trending toward the lesser side of toughness, to update their law.
On April 11, 2018, the Arizona governor signed in an amendment to this law that stated that Arizona can penalize businesses up to $10,000 per person affected by a breach with a maximum penalty of $500,000.
Additionally, the new law stated that businesses are required to notify clients and the Attorney General within 45 days of a security breach or risk facing more fines and repercussions.
This update to the law took cybersecurity concerns and forced them into the hands of businesses—without proper protection, they can risk paying up to $500,000 in addition to the losses their data breach could cause. This tough new amendment highlights just how crucial it is for businesses to take these risks seriously—if ignored, crucial fines could be implemented and businesses could lose more than just money, but rather, client trust. That loss is sometimes insurmountable.
Small Business Risk: Double Standards for Bigger Businesses
Unfortunately, when it comes to data breaches and specific state laws that mandate regulations, there’s typically a double standard when comparing bigger enterprises to smaller organizations.
When Marriott’s guest reservation system was hacked a few years ago, it exposed about 500 million guest’s information—names, phone numbers, passport numbers, email addresses, credit card numbers, you name it.
It’s regrettable, but often, small and mid-sized businesses become pretty complacent when large businesses and corporate giants deal with data breaches. If they can get hacked—with their huge budgets and endless resources—what’s the point of even trying as a small business?
Though these larger enterprises suffer huge losses because of data breaches, rarely are they irreparable—whereas, in a small business’ case, that kind of financial pressure and damage could be irreversible.
Especially when it comes to having to notify each and every client about a data breach. Trust is gone, reputation is gone, and often, a lot of their resources are gone as a result, too. A $500,000 liability fine might not affect a company as large as Marriott, but a small business might never be able to pay its data breach fines.
The first step each small business should take is being aware of their state’s unique data breach laws—this can often help motivate small businesses to start looking at their regulations more seriously and gain a deeper understanding of how data breaches can permanently affect them.
The Must-Know Lessons You Need For Protecting Your Small Business
While every company’s strategy for optimal cybersecurity will be unique, there are a few specific lessons and steps that every company (no matter their size) should consider. Continue reading for some must-know tips you can start implementing today to help increase your company’s cybersecurity strategy.
Utilize Strong Passwords
It sounds like a small tip, but it’s actually one of the most crucial things you can do for your company’s cybersecurity. Most organizations use the same, weak passwords across sites and services, and truthfully, that’s a recipe for disaster.
It’s crucial to use strong passwords and change them regularly. If you don’t, you greatly increase your risk of being compromised. Hackers typically choose the path of least resistance, so if a hacker scans the dark web and finds credentials that have been leaked but haven’t been changed, you set yourself up for a cyberattack.
Consider using security tools to help you utilize and manage your passwords.
Emphasize Training Your Employees
This is a step that should be taken ASAP. Unfortunately, some of the main causes of cyberattacks are often traced back to employee error. Make sure your employees understand the necessity of having a strong password, know how to recognize and email phishing attempt, and are up to speed on social engineering.
Scan the Dark Web For Your Company’s Information
Searching the Dark Web is a must. The Dark Web—a sublayer of the Internet that is hidden and unindexed by typical and conventional search engines—consists of databases, private, academic, and government networks and is about 550 times larger than the surface of the Web.
It sounds like a scary process, but searching the Dark Web is crucial for diagnosing your company’s cybersecurity vulnerabilities. This part of the internet is a hacker’s playground. Here, they can buy a person’s identity, SS numbers, email logins, and more.
There are subscription models that allow more than just the bad guys to search the Dark Web. Now, the good guys (your IT partners or your in-house IT team) can search the Dark Web for a business domain to see if the business has any compromises, find vulnerable information, and identify if any confidential information is available.
Remember, once something is on the Dark Web, you can’t get it off the Dark Web—it’s up to you to change your credentials and information.
Upgrade to Next-Gen Protection
Sure, you have anti-virus, and that’s crucial for your protection—but if you have outdated anti-virus, you’re not doing yourself any favors. Anti-virus can only protect you against what it knows about, and with as fast as cybercrime evolves, new anti-virus or anti-virus updates are absolutely vital in order to continuously protect you against new threats.
Establish & Maintain a DNS Filtering Subscription
DNS filtering can circumvent many malicious websites that are designed to steal your information. Domain Name System (DNS for short), is basically the internet phone book resolving every domain name with an IP address. A filtering subscription can help to protect you against a myriad of types of online scams and malicious sites.
Update Your Systems Consistently
Don’t slack when it comes to updating your system. Having proactive security updates and incremental patches applied regularly is crucial for any device on the internet. Your devices can protect you, but they can’t stand up to threats that they don’t know exist—updating your systems is crucial for any device on the internet so they can be patched upand maintained in order to protect you.
What Are You Waiting For?
While each and every one of those tips can be essential to maintaining your company’s security, preventing cyberattacks, and training your employees, ultimately, you’ll want to protect your company the best way possible.
It’s time to ACT NOW and do what needs to be done to protect your company, your critical data, and your reputation. We suggest teaming up with a professional, experienced IT partner who can take your security to the next level. At Your Business Solutions, we suggest you ACT NOW and ACT FAST!
Reach out to Your Business Solutions TODAY to minimize your risk, protect your business, and ensure that you’re keeping your organization safe!
To get your Assessment visit: www.ybs.us/cybersecuritybook/
Why should you listen to me?
I’m a 2-Time Best Selling Author on the topic of Technology. My company (Your Business Solutions) is celebrating our 16thyear in business this year. We’ve been recognized by INC Magazine TOP 5000 list and The Houston Business Journal in their Fast 100 list just to name a few things
To get your Assessment visit: www.ybs.us/cybersecuritybook/