Managing Your Business' Cyber Security Risk

As companies across industries deploy ever-expanding technology, cyberattacks--a computer system breach by an outside entity--continue to increase. In 2023, cybercrimes, like hacking, ransomeware and malware, cost $8 trillion, according to a Cybersecurity Ventures report, with an IBM study finding the average business loss costing $1.3 million. 

Companies large and small across industries, from manufacturing to transportation to technology, are vulnerable to cyberattacks often undertaken by well-funded "bad actors" who use increasingly sophisticated software and techniques, according to Michael Beamon, Cone Health's IT manager responsible for cyber security and access, who offers these tips: 

Identify business risks and set security standards based on industry best practices: By implementing an industry-appropriate cyber security framework, which includes an organization's information security best practices, policies and guidelines, companies can ensure a comprehensive approach to cyber security risks. According to Beamon, in the healthcare industry, the Health Information Trust (HITRUST) Alliance helps organizations manager data risks, comply with regulations and protect private information. Another option is for organizations to undertake a customized solution and pay to remediate known gaps. 

Address the newest game changer - Artificial Intelligence (AI): "Every business needs to evaluate its 'data trail' and create a usage policy to avoid inadvertent disclosure of proprietary or sensitive information and to determine how AI can be used productively," stresses Beamon. 

Since AI tools, like ChatGPT, use machine learning to formulate responses for any user, employees need to be counseled about the risks of violating confidentiality, privacy, intellectual property and vendor agreements.

In addition, Beamon stresses that often-missed sources of potential cyber security breach are "end-to-end along the supply chain." Contracts with third parties should consider AI use as well. 

Use the right tools to combat cyber security risks: "Multi-factor authentication and long 14-16 letter passwords are important deterrents that protect both employers and employees," adds Beamon. 

In addition, as hackers have become increasingly skilled at spoofing email addresses and phone numbers, dual controls, like those requiring more than one employee to approve large electronic payments, can thwart executive imposter schemes.

To learn more about Cone Health Employee Health and Wellness offerings, call Jacqueline Heyward at (336) 832-7315.