IO_Winter_22

InsideOutdoor | WINTER 2022 20 TECH SAVVY with MFA for emails, then stepping up integration as it becomes economically feasible.” 6. Relying on Firewall and Anti-Virus Software Smaller businesses need to invest in resources to detect, block or – in a worst-case scenario – absorb an attack. While no individual software or suite is foolproof, their use in conjunction with one another can offer a protective measure of defense. 7. Employing Intrusion Detection and Breach Analysis Options OSI recommends paying for third-party network monitoring. The concept behind this software type is that it scans for active incidents that have occurred, offering remediation options. 8. Maintaining Security Patches This critical measure is especially important for the small business that does not make a massive, ongoing investment in security software. By actively patching, the business gains information on the latest threats, trends and definitions and can actively scan for potential issues. 9. Focusing on DDoS Security Businesses should work to promote awareness as to how to best avoid (if possible) or absorb (if necessary) a devastating distributed denial-of-service attack. These types of strikes – of which ransomware is just one example – can have devastating consequences for the small business that cannot afford downtime. 10. Planning for Data Breaches In some cases, penetration is inevitable. Today’s environment needs to account for what would happen if such a breach does occur. For this reason, OSI recommends creating a formal “Incident Response Plan” that is then reviewed each year. This program should include clear, descriptive verbiage regarding protocols and policies, specific employee incident response tasks and other roles and responsibilities. One should also have a policy in place to inform the client of the integrity of any stored customer data, how this information is handled and options at their disposal should this information become compromised. 11. Obtaining Cyber-Risk Insurance Coverage These types of policies, for which Outdoor Sports Insurance and other agencies offer coverage, are designed to counteract the high cost incurred as part of a data breach or extortion strike. In particular, OSI believes that it offers the right insurance program, replete with access to experienced professionals who can assist with such an otherwise stressfilled occurrence. “For the smaller companies that make up the outdoor industry, we often hear that ‘My credit card transactions are all protected through a third party’,” said Martin. “There’s an unwillingness to spend money on cyber liability. What they’re not realizing is it’s not just about protecting credit card numbers. It’s about protecting your network, business and assets.” As an industry leader in risk management and liability mitigation, OSI focuses on providing insurance services for specialty retailers, distributors, market representatives and manufacturers. On average, its team has more than 20 years of experience in property and casualty insurance, and has assigned underwriters, claims adjusters and attorneys to service its accounts. By signing up for such a program, members also gain access to many different resources, including release forms and waivers to keep current with state and federal regulations. “There’s a lot of retailers out there that are really just focused on transactional exposure, versus if their network is protected, both through things such as zero trust and also through cyber liability insurance,” concluded Martin. “That’s a message that needs to go out to these folks. They need to broaden their scope as to what exposure really means in the world of cyber theft and all of the risks that they have and may not realize.” Because in today’s digital retail world, one cannot be careful enough. m

RkJQdWJsaXNoZXIy NTg4Njc=