Protecting Your Business Against Cyber Crime
In general, cyber crimes can affect any computer system. On the largest scale, cyber crime is a national security concern, but these crimes harm individuals and small businesses as well. Cyber crimes include identify theft, fraud, phishing, and corporate security breaches. Cyber criminals engage in conduct to steal private information for financial gain. These criminals often employ scams directed at corporate employees. For example, a cyber criminal will send an employee an e-mail disguising the sender, so that the employee believes the content is safe. If an employee downloads the content, the criminal can then access financial information or trade secrets. Both federal and state laws help protect businesses against cyber crime, but businesses must take steps to protect themselves prior to any cyber crime.
Federal law specifically prohibits cyber crime. For example, the Computer Fraud and Abuse Act ("CFAA") protects any computer connected to the Internet that affects federal interests "from trespassing, threats, damage, espionage, and from being corruptly used as an instrument of fraud." If your company is engaged in interstate or international commerce, then the CFAA may provide you legal protection from cyber crime. Not all businesses will be covered under the CFAA. State laws also afford protection to computers from cyber crime. California Penal Code Section 502 protects businesses from cyber crimes, so long as the computer system is lawfully created. While these laws may impose a fine or imprisonment on the offenders, the victims may not be made whole after all. For this reason, businesses must proactively protect themselves.
There are several preventive measures small businesses can take to help protect against cyber crime. First, enforce better password protections. Make sure that employees regularly change their passwords, and that they do not use the same password across different systems or software programs. Second, designate a computer just for banking or financial transactions. The biggest risk small businesses face is banking fraud. To combat this risk, make sure to use a single designated computer that does not allow access to e-mail, social media, or web surfing. A financial cyber crime that attacks through e-mail cannot succeed if there is no e-mail access on the computer that contains financial information. Third, backup your data. A small business could lose all of its data in a cyber attack. Online services (e.g., Dropbox, Google Drive) are available and affordable. Fourth, educate your employees about security measures. You can create all the security measures in the world, but without active participants the measures do not work. Finally, invest in a cybersecurity insurance policy because a general insurance policy may not cover all of your digital information (e.g., trade secrets). So, at this time insurance companies are offering special policies to protect against cyber crime.
For more information about protecting your business against cyber crime, you should consult with an attorney. At our law firm, we assist clients in cybersecurity related issues in order to help them understand the regulations.