Why You Need a Multi-layered Cyber Security Approach

Category: Blog, Security | Monday, February 11th, 2019

With a new year ahead, it’s wise to look at some of the new cyber-security laws impacting your business.

One of the more pressing concerns for California businesses (and it’s a whopper) is the California Consumer Privacy Act of 2018, which will take effect in 2020.

So what is CCPA and what does the Act do? 

The new act establishes that California residents have “data rights.”

Californians are now guaranteed life, liberty and the right to know how their data is being used. Basically, consumers now own their personal information and have some measure of control over it.  

What happens if a company is breached and violates the consumer’s rights?

While we aren’t sure how this will ultimately play out, technically speaking, the act is enforceable by the California Attorney General and authorizes a civil penalty up to $7,500 per violation. 

In the event of a data breach, California residents will be able to recover up to $750 per incident. Ouch!

This law changes the cyber security protocol. Most companies have been running some type of cyber offensive line, and if that failed and the quarterback got sacked (excuse the football analogy), they cleaned up the mess and apologized to users for the security breach. “Oooops, we let the bad guys steal your data. So sorry, here’s a year’s membership to a credit monitoring company.”

But now, both a strong offense and a defense are going to be necessary. Businesses have to keep the bad guys from scoring or be held liable for big penalties.

Until now, regulatory efforts have mainly focused on the steps businesses must take after a cyber incident, including fixing vulnerabilities, notifying law enforcement, and notifying customers.  

But when fines for data breaches go into effect, the cost of a breach goes way up. It’s no longer just a hit to your reputation and the cost of data loss remediation; the financial implications could become catastrophic and possibly put your entire business at risk.

Tips to Protect Your Business:

Consider Cyber Insurance: One way businesses are prepping for the new regulation is by acquiring cyber insurance. Like installing an extra lock on the door, cyber insurance is basically adding another element of protection in a multi-layered comprehensive cyber security plan. 

Develop a Cybersecurity Plan: While the more widely publicized hacks – Equifax, Target, Sony – make the nightly news, small to mid-sized businesses get hit every day. Small Business Trends says 43% of all cyber-attacks target small business. Unfortunately, only 14% can handle the problem. That’s because small to mid-sized businesses generally operate on a thinner margin than their larger competitors.  Take steps and develop a plan to combat hackers.

Know how much your data is worth: Recognize that the financial costs of a big data breach can include:

  • Investigation 
  • Mitigation of the breach, which could include software or hardware patches, or other methods of stopping a virus or plugging a hole in network security 
  • Data restoration 
  • Litigation support and damages should a lawsuit occur 
  • Regulatory penalties and defense 

Downtime: Consider how long your business could survive if your IT systems were shut down completely, even for a few days.

The best cyber protection is a multi-layered approach that considers both your business goals and the current laws protecting consumers.

If you need assistance with a comprehensive cybersecurity risk management plan, contact DarkHound at 714-463-6145.
