Best practices for a company’s cyber health
How prepared do you think your company is to thwart cyber attacks? Many organizations still rely on defenses that are out of date. It’s easy to fall into complacency, especially if your company hasn’t experienced a major incident.
Read on for some of the biggest threats of the fast-evolving cyber crime landscape and tips to protect your company.
What it is: Malicious software attacks that block access to a computer or network until a ransom is paid.
What your company can do: Make sure all software is up-to-date and that your employees understand the importance of software updates.
- Cyber espionage
What it is: Stealing confidential information and trade secrets from companies, government entities, and individuals. Cyber espionage often starts with phishing emails. The emails appear to come from a trusted source or well-known company and try to make employees open a compromised document or visit a compromised website.
What your company can do: Educate your organization about phishing attacks. Monitor for unusual behavior. Understand your Internet Protocol (IP) by performing a data classification exercise to assess what data is most valuable to competitors and others.
- Denial of service (DoS) and distributed denial of service (DDoS) attack
What it is: An attack that makes a computer unavailable to its intended user. A DDoS attack originates from multiple — often thousands of — IP addresses.
What your company can do: Implement DDoS mitigation plans and perform regular tests. Consider deploying a DoS tool.
- Payments fraud
What it is: A transaction that results in payment to a cyber criminal.
What your company can do: Implement dual custody and ensure the payment initiator and approver are on different devices. Generate financial transactions from stand-alone PCs with email and web browsing disabled. Authenticate all payment requests.
Additional considerations for executives
As a business leader, it’s important to ask tough questions around cybersecurity — and understand the implications of the answers — to protect your customers, business partners, and employees.
Get to know your cyber security group
The questions below can help guide your cyber security conversations with your information technology (IT) and information security (IS) teams.
- What does your network look like from an attacker’s perspective?
- Which third-party service providers have access to your company’s critical data?
- What data is leaving your network?
- Do you have a formal information security policy that all employees and third-party suppliers must follow?
- Do you employ security firms to help test your systems and security controls?
- Is information security part of the conversation with your leadership and board of directors?
For more information about payments fraud and how to safeguard your business, contact your Wells Fargo representative or fill out the Contact Us form on this site.