Hacking, ransomware, hardware disasters, and network outages have cost businesses of all sizes time, money, and tied up human assets.
Building strategies for cybersecurity is one part preventative, deploying good antivirus and antimalware software, and another part making considerations for business continuity should the worst-case scenario happen to your business, according to expert Nick Fancesco, Chief Technology Officer at Mastermind Lounge.
Francesco recently led a session on cyber security for small business hosted by Finger Lakes Opportunity for Tourism Growth (FLOTG) – the 501(c)3 educational arm of the Finger Lakes Tourism Alliance (FLTA). The session was offered in an effort to safeguard those who serve the tourism industry from cybersecurity attacks increasingly aimed at small business targets ahead of the busy tourism season.
“Any business handling sensitive information should be in the know about basic cybersecurity defenses, but especially those in tourism and hospitality taking customer payments, gathering market data, and building large contact lists,” said FLTA President Cindy Kimble.
“Everyone is vulnerable now, whether on your personal or work computer. The process of deploying viruses, malware, and ransomware is automated now and hackers are not selecting targets anymore. It’s shot-gunning. They’re not looking for you specifically, they’re just looking for the next open computer,” Francesco warned.
Francesco walked participants through the most common points of entry for would-be hackers. While updating passwords, not clicking unsolicited email links or attachments, and using good antivirus and antimalware software remain tried and true measures to prevent data loss to an attack, they aren’t the entire remedy. Training human assets even in small businesses to monitor online threats is an important line of defense.
“I don’t have to break into systems if I can break into people,” he said. “Nobody wants to be confrontational; no one wants to be the person to question someone about what’s going on, but we have to train people to that,” Francesco urged.
Before an attack slips through traditional defenses, backing up your data properly can make cyber threats far less consequential.
“The one thing I’ve learned in 20 years as a data administrator is that you never have enough backups. You need at least three different backups in at least two different places, one of which is offline,” Francesco said.
When an attack happens, creating a rapid response for business continuity must include: Assigning recovery time objectives to all devices in order to prioritize what to restore first; having the ability to revert to pre-internet systems of management; and having a resource inventory at the ready that includes human assets.
Cyber-insurance, especially if taking credit card information from consumers was recommended, employing third parties to handle credit card databases to remove liability, installing cybersecurity policy in the workplace, and properly reporting incidents were also key elements covered during the session.
A recording of the event is available to FLTA members and nonmembers for a fee of $10 and $20 respectively. Proceeds from the event support FLOTG in hosting future events to aid tourism and hospitality business health and growth.
Provided information
