Check out these six tips on cybersecurity preparation from Susan Giffard , Director of Treasury Management & Government Banking at Camden National Bank, Rob Simopoulos, Co-Founder of Launch Security, and Tony Perkins , Attorney and Chief Information Security Officer at Bernstein Shur.
- Be sure you understand the most common kinds of cyberattacks.
- Build strong relationships
Susan recommends that all businesses form a strong relationship with their bank – “Banks are constantly trying to stay one step ahead of fraudsters. It’s important to discuss with your banker the products and tips available to prevent fraud. Additionally, we encourage annual relationship reviews with your treasury management officer to include reviewing all online access and users, signers on accounts, email alerts and more.”
- Use multi-factor authentication and secure wire practices
Use the most secure methods to send online wire transfers with dual controls from different computers plus a token device or app for multi-factor authentication. Be sure to reach out to your bank to learn more. Predetermine wire transfer limits with your bank, and add email alerts to someone outside of your accounting or treasury area.
- Review and upgrade service contracts
It’s key for businesses to review and upgrade their service contracts with technology and service providers . For example, pay attention to contracts with the following:
- Data/document storage and “cloud storage” service providers
- Outsourced information technology service providers
- Outsourced billing and payment processing companies
- Financial institutions
- Contractors with access to data and records storage facilities (for both electronic and physical records)
- Payroll and healthcare benefits processing companies
Tony Perkins advises, “These contracts should ensure that the parties responsible for the handling, processing and storing sensitive data are both protecting data and agreeing to bear the liability and related costs in the event of a data breach due to their actions (or inaction).”
- Check your insurance coverage
Unfortunately, contracts cannot eliminate all risks of a data breach or cybersecurity threat. Tony shared that businesses can also attempt to cover risk through cyberliability insurance . This kind of insurance has become more common and affordable in recent years, but the industry hasn’t yet established standard coverage elements, and coverages can vary significantly. Working with an experienced insurance broker and a knowledgeable insurance coverage attorney is key. Sample areas of coverage include data loss, business interruption, breach notification, public relations, customer credit monitoring, and defense costs. But please remember: “one size does not fit all” in this new and frequently changing insurance space.
- Make cybersecurity part of your work culture
Rob advises, “All employees should receive ongoing awareness training on what to look out for. Cybersecurity should be treated as a core business function that runs throughout the entire organization. Business owners and executives need to lead the entire company through a change in ‘cybersecurity posture’ from top to bottom. Safety in the workplace has shifted through awareness training and HR initiatives, and so should cybersecurity efforts.” Some companies even test employees with simulated email phishing attacks in order to teach awareness and best practices.Curious to learn more? Check out advice from Susan, Rob, and Tony on what to do in the event of a cybersecurity breach.October was National Cyber Security Awareness Month, and Camden National Bank partnered with Launch Security and Bernstein Shur to offer expert advice on managing fraud and cybersecurity for local businesses. For more information and advice, please reach out to our panelists:
Susan Giffard, Director of Treasury Management & Government Banking at Camden National Bank
Rob Simopoulos, Co-Founder of Launch Security
Tony Perkins, Attorney and Chief Information Security Officer at Bernstein Shur