expert ’ s corner
Is There Blood in Your Waters ?
Hackers are drawn to companies with digital vulnerabilities
By Derrick Leue , PROLINK
Basic risk management is easily illustrated by not venturing into shark-infested waters with an open wound , as sharks are attracted to blood . A parallel can be drawn to the digital world where hackers are drawn to attacking companies or individuals who have vulnerabilities in the digital world .
Human error , malicious employees and poor IT protocols are the most common causes of privacy and data breaches . Cyber crime affects all organizations in Canada ; however , often small- to mid-sized enterprises are more vulnerable than large national or international companies . This is because many smaller companies typically do not have appropriate resources to manage and monitor their websites and online business effectively .
VENDOR RISK
Large entities with a robust cyber security framework in place are not completely immune from cybercrime and should also be concerned about the inherent risks associated with being served by small- and mid-sized vendors . The hackers that stole the personal data of over 70 million Target Corp . customers used the credentials of an HVAC vendor to get into Target ’ s network . For many years , it has been standard practice to require your vendors to provide proof of Commercial General Liability insurance . Moving forward , organizations should be demanding that their vendors maintain the appropriate type and level of cyber insurance . Ensuring that your suppliers have a cyber insurance policy in place will not prevent a privacy breach ; however , insurance is often the stopgap required to prevent a smaller company from ceasing operations as a result of the financial losses incurred as a result of a catastrophic breach . In fact , a recent report from Symantec , a security software company , states that 60 per cent of small businesses will go under within six months of a cyber attack .
RISK MANAGEMENT
Employee education , IT security , prevention , internal auditing and disaster recovery are all critical components of your risk
Omelchenko / Shutterstock . com
SUPPLY CHAIN CANADA • QUARTER 4 2016 • 31