In recent years, major hacking events from the heartbleed vulnerability in 2014, to the WannaCry ransomware attack earlier this year have highlighted the need for better cybersecurity. More than previous events, however, the recent Equifax data breach illustrates the extent of this problem, and the threat it represents to businesses all over the world.
Equifax has stressed that its business clients weren’t directly affected in this hack, but that’s completely irrelevant in terms of how vulnerable that business data is to future attacks. The next such attack could just as easily exclusively target businesses. To protect themselves, business owners need to learn the lessons offered by this incident, and how they can apply them for their benefit.
1. Globalism comes with data security risks
Though the breach was fundamentally an American issue, it also compromised the data of people all over the world. Anyone who had business dealings in the US was at risk, and the private information of over 400,000 UK citizens was, in fact, compromised. That’s not comparable to a scenario where Equifax’s UK databases are breached, which would make up to 44 million people vulnerable, but it illustrates a different and serious problem.
Because of how economically interconnected we are today, anyone can do business internationally, which means interacting with foreign institutions and sharing sensitive information with financial institutions, government representatives, and other businesses. As this connectedness continues to grow, sensitive data will be captured and stored in more and more places, increasing the risk that it’ll be stolen.
2. Hackers know right where to look for your data
A seemingly obvious solution might be to simply avoid sharing sensitive information as much as possible to limit the number of institutions that have it. Unfortunately this doesn’t work. The Equifax leak exposed 143 million Americans, or nearly half the total population of the country. Obviously, Equifax does not have 143 million customers in the US. They had data on this many individuals because they and other credit bureaus collect information on everyone that they can, not just their customers. After all, they need to be able to respond to credit checks that target non-customers.
Because of the nature of credit bureaus, they need to collect a lot of sensitive data. They receive bank records, and glean additional information from other public records, such as court documents, that they can access to build a clear picture of a person’s financial history. This is unavoidable, and makes credit bureaus an ideal hacking target.
3. Businesses have to accept security risks
History has shown, up to this point, that credit bureaus cannot fully secure their databases against hackers. Further, keeping sensitive information out of those databases isn’t a serious option for businesses. That means that business owners need to accept and work to manage the associated security risks, rather than simply trying to avoid them. That means taking steps to detect identity theft, and setting up contingencies to protect your business’ interests if you become a victim.
4. Businesses need financial backup plans
Identity thieves can use your information to open lines of credit and take out loans in your business’ name. Unfortunately, the first line of defense that you’ll typically rely on is a credit monitoring service, which means you likely won’t know that you’re a victim until after you see an unexpected blow to your credit rating.
It takes time to identify fraud cases and repair the damage to your credit, so you’ll be forced to spend some time operating your business with a damaged credit score. Getting the financing you need to run your business during that time can be a serious problem. Fortunately, there are a few things you can do to make this easier.
Develop a healthy relationship with your financial institution
Work with a financial institution that prides itself on high-touch relationships. Fifo Capital and similar institutions work very closely with clients and become very familiar with their clients’ operations and their real financial viability. That insider knowledge allows them to make judgment calls like ignoring a credit score issue on applications that your primary banking institution might flatly reject as a matter of policy.
Set up a standby finance facility
One ideal tool for managing unexpected credit problems is a standby finance facility. This kind of financing is negotiated ahead of time, and can be drawn on at a later time if the need arises. If you discover that you’re a victim, this gives you something to fall back on while you repair the damage or work out other options.
As things stand today in terms of financial technologies, data security, and the increasingly interconnected global economy, business owners can’t operate on the assumption that their sensitive financial information is secure. By keeping your eyes open and taking mitigatory preemptive steps, you can give your business the flexibility it needs to detect, manage, and survive a data breach both today and in the future.