The list goes on and on. It seems every day we hear about another cyber security attack.
While the attacks have targeted big businesses and corporations, associations, small businesses and nonprofits aren’t immune to security breaches, association experts have said.
So what if someone hacked into your system and stole your members’ credit card numbers?
In a June 1 Associations Now story, industry professionals linked data breach mistakes to employee error. For example, employees are lax with confidential information, and should change passwords every three months. But most don’t.
Malware attacks and phishing attempts are two of the biggest culprits, according to an Inc. Magazine story.
It’s scary just how quickly your business’ weak spots can become portals to your most protected information. But there’s help.
In October, the Department of Homeland Security will sponsor “National Cyber Security Awareness Month,” offering educational workshops, events and resources to combat cyber attacks. It may be wise to have your IT department check it out.
In the meantime, below are some other resources to explore:
- In April, Zurich released a report on cyber security, which lists recommendations for organizations of all sizes. One of the recommendations: Organizations should employ the same cyber strategies as government agencies. Education is a must. And so is awareness. “Unfortunately, cybersecurity professionals often assume that the risk posed to the system as a whole is merely the sum of all the point risks,” the authors wrote. “They analyze cyber vulnerabilities looking at one technology, one organization or one nation at a time, paying little attention to how risk might emerge from the interaction of those organizations or technologies. Just as sound, internally-focused risk management failed to protect companies from the collapse of the financial system, strong internal computer security controls won’t shield even the best-protected companies from a ‘cyber sub-prime’ failure.”
- The FCC has a good tip sheet, “Ten Cybersecurity Tips for Small Businesses.” Tip No. 1: Train your employees in security principles.
Perhaps one day there will be a professional association dedicated to cyber security professionals. A new report by Pell Center for International Relations and Public Policy at Salve Regina University advocates for such an organization, arguing a lack of skills and information is undermining efforts to improve cyber security.
Has your association fallen victim to hacking? If so, I’d like to hear about it – and how you resolved the situation. Email me at Kristen@eventgarde.com.
Until then, stay safe. Be smart.