As a PEO, you are all too aware that payroll is a prime target for cyber criminals, since it is a source of money, banking details and other personal information, such as Social Security numbers.
The cybersecurity specialists at UHY Consulting have identified six key areas that you and your IT team can review to evaluate your current situation and improve your cybersecurity posture.
- Vulnerability scanning. Cunning cyber attackers take advantage of vulnerabilities in software applications and device configurations. It is vitally important that you have a regular program to scan your network for vulnerabilities. If you have the internal IT resources, conduct a scan as soon as you can and begin to identify and patch or otherwise remediate any high-risk and critical vulnerabilities. If you do not have the staff or resources to support this activity, contact a trusted third party to assist you.
- Endpoint detection and response. Ideally, you want a robust incident response capability in place. If not, at a minimum, consider deploying a next-generation endpoint detection and response (EDR) security tool. This software monitors servers, workstations and laptops for anomalous or known-bad activity and raises alerts so that the infected machine(s) can be quarantined and the extent of the disruption minimized. This type of software is quick to deploy, and you can have a third-party provider monitor your environment around the clock and help take action. An important consideration is whether you have the ability to properly respond to the issues these tools identify, or whether you need a managed security service provider to respond on your company's behalf through quarantine or other isolation capabilities.
- Back up and test. In case of a cyber event, it is imperative that you have good backups of critical systems, data and configurations, so you can rapidly restore normal operations. Important considerations include whether you will store the backups offsite or in the cloud, and whether you have verified, by actually testing it, your ability to successfully restore from a backup.
- Provision your incident response. You cannot wait for a cyberattack to occur to build an incident response plan. You need a solid plan in place that has been regularly tested, and employees must understand their roles and actions depending on the situation. At a minimum, your staff needs to know whom to call if a cyber incident is happening. Your security partner should be able to provide a "cyber 911" call service that can quickly focus the incident response activities to stabilize the environment and begin the recovery process.
- Cyber insurance. If you do not have cyber insurance, you need to evaluate the risks you are willing to take with your company's brand, your clients' trust and your future without it. An insurance broker can provide guidance to help you manage your risk appetite for a cyber loss. If you already have cyber insurance, take the time to review what your policy does and does not cover, and clearly understand the carrier's role versus your role. For operational risks that insurance will not cover, take the proper steps to reduce them yourself.
- Employee security awareness. Phishing attacks remain the easiest and most likely way for an attacker to get into your business to steal data, gain an access point to your internal network or begin staging malicious software. Employees remain your best line of defense, and you can build an internal program to train and educate them about suspicious emails in their inboxes, instant messages, texts and calls. It is important that they take the right actions, so a vital component of any program is continued testing of your staff, as it takes practice to stay alert and vigilant.
Our team has worked with hundreds of companies across the country to mitigate the risk of a devastating cyberattack, and our cyber specialists can design and implement a comprehensive cybersecurity program for your organization. For assistance, please call 630-288-6992 or email firstname.lastname@example.org.