Most businesses have a social media presence in this digital age. From Linkedin to Instagram to Facebook, the choices to broaden your online footprint are endless. With every boon however, comes a bane and a digital presence also attracts the no do gooder scammers who are beginning to target businesses in earnest.
According to research conducted by CNBC in 2019, the top hacks of that year included some big names. For instance, mobile game producer Zynga announced in October that a hacker had accessed staggering 218 million account log-in information for customers who play the popular “Draw Something” and “Words with Friends” games.
Another example would be Capital One who announced a massive data breach in late July, reporting that a hacker accessed the information of over 100 million Americans and 6 million Canadians who have applied for credit cards since 2005.
The knee jerk reaction is to beef up firewalls and other technical defences. While these are crucial to prevent online crime, focusing just on these measures will be too simplistic for an issue that is far more nuanced. Think about it this way. Who are the people who will be reading phishing emails that slip through the technical defences? Are your employees aligned in the fight against online crime? As leaders, are you taking this problem seriously and taking measures to ensure that the entire team is on the same page?
According to research conducted by psychologist Emma Williams, what made people susceptible to malevolent influence online was an assumption "that phishing emails and other online scams were easy to spot".
They assume that poor spelling and grammar with suspicious sender addresses are hallmarks of a scam. Added to that would be the cliché references to Nigerian Princes who want to give them millions of pounds. However, "although these types of scams do generate income for scammers, they do not represent the typical phishing email. The problem is that these common stereotypes of what a phishing email looks like can influence people’s judgements, making them less likely to be suspicious of emails that do not display these characteristics." Business-targeted cyber crime is increasingly sophisticated. Even SingHealth suffered its share of hacks.
With this in mind, the long term solution is not just pumping in more money into tech infrastructure but developing a cohesive attitude shift within the business from top down.
Are we aligned in our approach? Is there a team member in charge of tracking phishing emails? Do we have a workable reporting system whereby each member who receives such emails reports them to? Are the types of phishing emails disseminated to team members in a timely manner so that everyone else is put on notice?
A key factor is accountability.
Start with these important steps: Lock down all accounts and change all passwords. Find out what exactly got breached. Check if any of your employees downloaded any Malware by accident. Do not be too hard on yourself or your employees when this happens, the more critical action here is to do a sweep of all devices connected to company networks. After these steps are done, consider conducting training for your employees in best practices to protect not just the company, but their own devices.
Damage control is also important in managing your clients and customers. Informing them and repairing their trust will be your utmost priority, especially if customer data was breached. Provide transparency and solutions on what the company is doing to prevent this from happening again. Customers are usually forgiving the first time and will move on once preventative measures are in place. Hence, it is vital for companies to go to extremes in increasing online security. It is easy to look at things in isolation and assume hacking won't happen again.
At Engaging Leaders, we are all about the human connection. We can help your employees lower the risk of another cyber attack and follow best security practices by being diligent always. Start with a discovery process with us today.
Key Contact: Monica Tan
Monica Tan, Engaging Leaders, leads our clients through a journey of performance and change. With more than 15 years of client and project management experience, she serves as a key advisor to our clients.