February 20, 2018
It’s February, and if you are like most of us that long list of to do’s to accomplish in the first month of the year is still sitting on your desk not completed. While you are implementing clubhouse improvements and planning the social calendar for the year, one item that is still lingering on your list to learn more about is how to properly secure that big front door to your website. Until now, cybersecurity for most small to medium size businesses including private clubs, has been an afterthought. After all, why would clubs even be on the radar for hackers to attack? Wouldn’t they go after the larger more lucrative targets like financial institutions? The answer to this is increasingly no, and recent cybersecurity stats prove it. It’s time to quit putting off that dreaded cybersecurity topic, and take the steps to educate your club’s management team on how to protect your members’ personal data online. Ultimately, if your club gets breached it’s not your website vendor or even your IT team that your board and members are going to look to for answers. It’s the club’s management team that will face the questioning.
3 Cybersecurity Stats that will affect Clubs in 2018:
1. Nearly 6 in 10 small businesses have experienced a cyber attack according to CNBC.
When most of us think of breaches, we immediately think of high profile incidents such as the Equifax breach or the Yahoo breach. However, hackers are turning their eyes on small to medium size businesses where they can make a quick buck time and time again. They know that most SMB’s are not prepared for attacks, and they can with very little effort gain access to their systems and exploit their data.
2. Passwords and authentication data were the most common data targets in attacks on small to medium sized businesses says the Better Business Bureau.
Because passwords open the door to so many revenue venues for hackers, they are the most sought after data even more so than credit card data. The recent arrest of Leakedsource founder proves that selling stolen credentials is a profitable business. For years, businesses and clubs have focused on protecting the financial data of their members and consumers by ensuring their credit card processors and website vendors were PCI compliant. While that is still important, it is increasingly important to secure valuable member data like passwords. Passwords are easy targets for cyber criminals because they are usually simpler to steal due to legacy password encryption techniques. Today, as businesses take the brunt of the blow when a breach occurs, they must be the ones to also take responsibility of ensuring they have the proper cyber defense tools in place that prevent breaches. SSL’s, antivirus software, and BlindHash Password Protection are a good start to get your cyber plan in place. We can’t stop hackers from trying to attack us, but we can prevent them from getting useful data.
3. According to well known security expert, SwiftonSecurity 99.99% of computer security incidents are oversights of solved problems.
Why is that we ignore addressing foreseeable problems….Lack of money to address the problem? Lack of education on the topic? The general consensus in the cyber world is that the latter is the answer. Most cyber tools can easily be implemented at a cost that won’t even be noticed on most budgets. Yet, most small to medium size businesses are experiencing analysis paralysis when it comes to cybersecurity. For most, it is an intimidating topic and it tends to be easier to do nothing and just hope you don’t get breached. As hackers turn their eyes on entities like clubs, doing nothing can no longer be the answer.
To assist in getting out of analysis paralysis when it comes to the topic of cybersecurity, there is a list of action steps your club can take to start securing your website. We will have documentation on these steps in the Club Benchmarking Booth (Booth 1638). Please ask for Ray Cronin or Russ Conde and they will be happy to provide you with the documentation. We hope you will stop by to start your journey to a more cyber secure club.
