Cybercrime aimed at businesses and organizations continues to be a problem. In 2019, over 80% of organizations reported being targets of a phishing or payments fraud1 attack, and those are just two ways criminals can strike. When you add the dangers of malware, ransomware and malicious bots, it’s clear that your organization faces a variety of security risks.
Identifying and stopping cyber fraud is not just a problem for your company’s Information Technology (IT) team anymore. IT security alone is not sufficient to guard against today’s threats. Companies often overlook the “people” factor, yet it is a critical element in building a strong cyber defense.2
The Risks of Cybercrime
So, as a business owner or CEO, why should you be concerned if you’re unaware of any immediate security threats? Because cybercrime is a real business risk and cybersecurity is an ongoing business issue.
Think about your organization as a whole and ask your team some important questions: What are the most important business functions that could be disturbed by a cyber attack? Are we addressing all business activities that could be threatened by a cyber attack? 3
Depending on the type of attack, cybercrime can have very costly and long-term impacts that affect your company and your clients,4 such as:
- Financial Damage: The main goal for cyber-crooks is to steal your money. Financial losses come from a compromised network or from theft.
- Data Damage: Hacking often leaves your company and client data vulnerable to cybercrooks. This creates serious issues and business risk due to theft or ransomware.
- Legal Damage: Compromised client data could result in government penalties, legal costs and other expenses.
- Reputation Damage: If your system is breached or client data compromised, your business may begin to lose clients. If your clients don’t trust your company to keep their financial information safe, you will have a long-term problem.
Three Layers to Build Into Your Cybersecurity Plan
Your cybersecurity plan must be multi-layered. Your defense should start with a solid technological foundation, then address other issues: Creating secure internal processes; educating your staff about cybercrime; and protecting your banking assets.
- Secure Your Process: The AFP 2020 Payments Fraud and Control Survey reports that six out of ten corporations have implemented stronger internal controls for payments and verification of any changes to invoices, bank deposit information and contact data. You can build cybercrime resilience by focusing your internal controls on the concepts of review, validation and authorization.
- Educate Your Staff: Your staff is likely one of your company’s main vulnerabilities. They interact daily with the web and email, and can unintentionally expose you to cyber-attacks with one click on a suspicious email or link. Mitigate this risk by training your staff on how to identify suspicious activity and how to respond to an attack.
- Protect Your Banking Assets: After committing to defending your business with a cybersecurity plan, it’s time to work with your bank to protect your assets.
Hancock Whitney offers ways to add layers of security that will help you recognize and prevent fraudulent transactions. We can help you identify cyber-risk and show you how to be more vigilant against payment fraud.
Learn more about how to protect your business from cyber fraud at our Treasury Services Cybersecurity Awareness web page, and contact your Treasury Services Support Team at 1-866-594-2304 anytime you need assistance or answers to cybersecurity questions.
- AFP: 2020 Payments Fraud and Control Survey Report
- “Cybercrime is not just a tech problem,” Deloitte, https:://www2.deloitte.com/au/en/pages/risk/articles/cybercrime-tech-problem.html, October 15, 2020
- “Why Cybersecurity Isn’t Only a Tech Problem”, Harvard Business Review, December 3, 2019
- “What Can Happen to a Company as the Result of Cyber Crime?”, Avatara, https://avataracloud.com/what-can-happen-to-a-company-as-the-result-of-cyber-crime/, October 15, 2020