Think no one is interested in hacking into your small business to get your customer data? Think again. A 2013 survey found that more than half of all small businesses have been hacked. In fact, 43 percent of cyber attacks targeted small businesses in 2015, up from just 18 percent in 2011.
Prevention is key
The best way to deal with cyber hacking is to prevent it using firewalls, two-factor authentication, back-ups, anti-virus programs, and clear procedures. It’s also important to train employees about phishing and internet safety. And be sure that your company complies with the Payment Card Industry Data Security Standard (PCI DSS), which will help safeguard your customers’ credit card data. Should the worst happen, though, you are right to be concerned about your liability.
Who is responsible?
Customers are responsible for choosing usernames and passwords that comply with internet safety recommendations. Nonetheless, if your company’s systems are hacked and customer data is stolen, you are responsible for the breach and the resultant damage. This could create a heavy financial burden if you must compensate customers for their losses.
Get the word out
If your data is breached, all but three states (Alabama, New Mexico, and South Dakota) have specific laws about how and when you must notify your customers. Consequently, it is important to familiarize yourself with laws that apply to your business. Set up a procedure you can follow should a breach occur, so you don’t have to scramble.
Are you covered?
You might assume your business insurance will cover any liability that results from a cyber attack. But standard business insurance does not cover this kind of loss, so you should consider purchasing a cyber-liability policy for your company.
Cyber attacks are a serious concern in today’s business world, so preventing them and preparing for them will position your company well.