Arrow-right Camera

The Spokesman-Review Newspaper The Spokesman-Review

Tuesday, March 19, 2019  Spokane, Washington  Est. May 19, 1883
Clear Day 60° Clear
News >  Business

BBB Tip of the Week: Cybersecurity tips for businesses

By Kirstin Davis Marketplace Director

October is National Cyber Security Awareness Month and a good time to look at safeguarding information at your place of work.

Data breaches are a common occurrence – even the most secure companies being infiltrated – and we still have to hope these places are protecting our personal information. Cybersecurity has to be everyone’s job. Owner, manager or staff, you are a crucial part of protecting information. Train employees and keep on top of new risks. The National Cyber Security Alliance and are great places to start the conversation and keep it going year around.

Your company’s website should have a privacy policy that tells customers what information you collect and how you use it. It is important to educate staff to adhere to the policy. You should be aware of all the personal information you have about your customers, where you’re storing it, how you are using it, who has access to it and how you protect it.

Cybersecurity can be a complex topic, but there are basic steps you can take to protect you and your customers’ data. The National Cyber Security Alliance recommends this five-step approach, following guidance from the National Institute of Standards and Technology:

Identify. Take inventory of key technologies you use and know what information you need to rebuild your infrastructure from scratch. Inventory the key data you use and store and keep track of likely threats.

Protect. Assess what protective measures you need to have in place to be as prepared as possible for a cyberincident. Put protective policies in place for technologies, data and users, and ensure that your contracts with cloud and other technology service providers include the same protections.

Detect. Put measures in place to alert you of current or imminent threats to system integrity, or loss or compromise of data. Train your users to identify and speedily report incidents.

Respond. Make and practice an incidence response plan to contain an attack or incident and maintain business operations in the short term.

Recover. Know what to do to return to normal business operations after an incident. Protect sensitive data and your business reputation over the long term.

Subscribe to the Morning Review newsletter

Get the day’s top headlines delivered to your inbox every morning by subscribing to our newsletter.

You have been successfully subscribed!
There was a problem subscribing you to the newsletter. Double check your email and try again, or email