It’s late in the workday, and the CFO is anxious to scoot out a few minutes early. An email comes in from the CEO requesting an immediate wire transfer. Instead of 1) calling the CEO to confirm the transaction or 2) double-checking the sender’s email address, the CFO transfers the money.
If he had taken the time to do either of the steps above, he would have learned that it wasn’t the CEO who requested the transfer after all. Instead, it was an anonymous hacker who created a similar email address to the CEO, mimicked his email signature, and took advantage of a financial officer eager to end his day and less likely to execute proper checks and balances.
It took less than five minutes for the transfer to be confirmed and the hacker to steal thousands of dollars from the company.
This scenario is not uncommon today – in fact, it’s instances like this one that cripple businesses, 60 percent of which fold completely within six months of a cyber breach. Equifax and Target – they can survive. But can your business?
A human resources employee is checking her email when she receives one highlighting branded promotional items available for purchase. She wants to find some fun items to share with new employees during their onboarding process, and she opens an email attachment with a promotional catalog.
Suddenly, her screen goes dark and a message pops up that her data is now encrypted. To secure its safe return, she’ll need to pay a steep ransom or risk it being posted on the Internet. As an HR member, her server stores personal information on all of her company’s employees – contact information, social security numbers, and even direct deposit accounts.
In the blink of an eye, this company’s data was stolen, and even with a ransom payment, there’s no guarantee that employee information will ever be safely returned.
Even if it’s not worthy of headline news, a cybersecurity incident that compromises your company and/or customers’ data is serious, and unless you understand how easily it can happen, you’re not fully prepared.
Your company’s success hinges on driving sales, satisfying customers, and clearing margins. But what will success look like for your business when a security breach compromises your data, leaves your accounts drained and permanently damages your company’s reputation? Despite what headlines often suggest, the vast majority of cyber-attack victims today are small-to-medium sized companies. To hackers, size doesn’t matter – but opportunity does.
Denial and a false sense of security will not protect you from these threats. Your business – and your job – cannot afford not to care about cybersecurity anymore.
MFA works with businesses of all sizes to assess their cybersecurity programs and make proactive recommendations for cyber preparedness. Whether you’re a single-owner small business, a high-tech startup in growth mode, or a stable franchise keeping a close eye on P&L, we can help. Contact us today to schedule a cybersecurity risk assessment and begin taking steps to safeguard your business.