Holiday hackers: How to keep your business safe

Many holiday deals are expected to span the duration of the season this year, providing consumers with more reasons to shop and cybercriminals with ample opportunity to target businesses and individuals.

This holiday season, Americans are expected to spend a total of $929 billion, as forecast by eMarketer. On Black Friday alone, online sales are expected to clock in at $165 million per hour, or $2.5 million per minute, according to a report by Verizon (NYSE:VZ).

With high-profile breaches grabbing headlines already this year, including Equifax (NYSE:EFX) and the U.S. Securities and Exchange Commission, cybersecurity should be on the forefront of everyone’s minds, particularly companies.

“The threat level increases with each passing year; 2016 broke a record for data breaches and identity thefts with nearly 1,100 recorded breaches,” Jeremiah Talamantes, president of RedTeam Security, told FOX Business. “Data security is something companies may have overlooked in the past, but now more than ever they can’t afford to sweep it under the rug as if a breach can't happen to them.”

Potential Damages

Talamantes said that while companies don’t necessarily need to be more concerned about security during the holidays than any other time of year, it’s a good time for companies to take stock of their security practices.

Every customer record breached costs a company $225, Talamantes said, while the average breach racks up damages worth $7.35 million. Overall in the U.S., cybercrime costs companies about $21 million in 2017, according a report by Accenture, representing an increase of more than 22% over the previous year.

However, the physical costs aren’t usually the worst part.

“Perhaps even more at risk is the company’s reputation. Consumer confidence takes a nosedive when a breach occurs, and this can damage the company for years to come or in some cases, put it out of business entirely,” Talamantes said.

A decline in consumer confidence can affect deals, advertising arrangements, investors’ confidence, and a whole host of other business partnerships that could lead to long-term damages.

Protecting your business

The first step to securing your systems is testing them against threats. Talamantes recommends that executives implement “penetration testing,” or simulating a real-life malicious attack, at least annually.

Companies should also ensure their practices are in line with the Payment Card Industry Data Security Standards, he said, which provide guidelines for merchants who accept credit or debit card payments.

And, it’s important to make sure your company is keeping up with all updated security best practices.

Equifax, for example, suffered a massive breach after failing to fix an outdated flaw in its software system that led to the compromise of 145 million individuals’ personally identifiable information.

Consumer warning signs

For consumers, email will be a big breeding ground for hackers throughout the holidays. Talamantes advises all individuals to verify email addresses, not to click through on receipts for items you did not order and to make sure messages are originating from a legitimate domain.

He also said shoppers should make sure they are visiting secure websites, beginning with https://, which generally have a padlock next to the browser bar.

For those customers shopping in person, Talamantes warns against any transaction where the clerk requires you to manually input your credit card information. If possible, pay in cash, or wait until another, functional register opens, he said.