Technological Advances Bring New Cyber Risks. Here's How to Mitigate Them. Today, cyber risks are increasingly catastrophic and incredibly difficult to control. Make sure your company is insured for such risks.

By Randy Sadler

Opinions expressed by Entrepreneur contributors are their own.

Technology can be a wonderful thing. Properly utilized, advanced technology solutions allow us to better engage our customers, streamline ordering and invoicing processes, and increase the efficiency of our audit and internal communications. Just like with all emerging technologies, the advantages that these new solutions bring are also creating new risks and challenges for businesses to manage and overcome. Unlike in the past, the cyber risks faced by CFOs today are increasingly catastrophic and incredibly difficult to control.

Reliance upon technology is a requirement for businesses to remain agile and responsive, and the new opportunities presented by advancement are exciting and can be quite profitable. Unfortunately, risk management is behind the eight ball as it relates to cyber and technology threats. It is a monumental task to plan and protect against risks that heretofore simply did not exist. An awareness and understanding of some basic cyber threats and proactive methods of loss prevention can be a great start to protecting your organization's valuable IP, customer data and digital assets.

Related: Cybercrime Could Cost the World $10.5 Trillion Annually by 2025


Cybercrime is making a shift from a broad-based attack to more specific targeting. By targeting software vulnerabilities in specific servers, hackers can have a higher likelihood of successfully gaining unauthorized access to data or systems and can potentially avoid detection entirely.

Help protect against hacking-related losses by beefing up your info security protocols. Mandate password changes on a frequent basis. Require special characters, numbers, length and limit reuse, and enable double authentication. Ensure that patch and firmware updates are implemented at both the user device and server/enterprise level and consider implementing penetration testing and audits by an independent third party.


Unlike in popular movies of old, do not expect to receive a ransom notice via an anonymous letter comprised of cut-and-pasted type from random magazines. Ransomware often enters and compromises a system via malicious emails. Once intruders have access to valuable data, they will encrypt the data, block off access to authorized users and demand payment for release — often in some form of cryptocurrency.

The impact of a ransomware attack can be lessened significantly with the implementation of proper data backups. Consider implementing services that automate the backup of critical and sensitive data on a frequent basis. Help ensure integrity of your backups by keeping the redundant files segregated from standard networks and, if possible, offline completely.

Data leakage

The proliferation of technology significantly complicates the process of maintaining control of your digital assets. Cell phones, tablets and laptop computers are everywhere, and portable storage devices like USB drives, external SSDs, etc. are common methods of transporting data and information between parties. Unlike the other common methods of intrusion, these devices turn your digital information into physical form and are now subject to loss and theft by unrelated parties or disgruntled employees and contractors. The comingling of personal devices that have access to or retain company data provides opportunity for additional vulnerabilities.

The physical nature of leakage fortunately comes with more concrete risk-management methods. Consider disabling external-drive connections on user devices (i.e. turning off USB connection ports). Turn on GPS tracking of all applicable devices and ensure that devices can be locked and wiped remotely if lost or stolen.

Related: 3 Ways to Make Employees Your Best Cybercrime Fighters


An exposure presented often by social or human engineering, phishing often attempts to disguise nefarious attempts to access information by posing as a source (website, individual, attachment, etc.) that is trusted to the specifically targeted individual. Perpetrators commonly use fake emails from supervisors to request transfer of funds and issue fraudulent invoices for products or services with wire info going to the criminal's account.

Because phishing intrusion is often individual or social in nature, you can work to combat this risk with effective awareness training. Provide employees with information and examples of fraudulent requests and consider implementing procedures that require in-person or telephonic confirmation of invoice changes or internal wire requests.

Effective management of a risk that comes from so many sources is no small task. Unknown assailants, multiple methods and developing regulatory framework (FISMA, GDPR, etc.) require 24/7 vigilance for a risk that never sleeps. Developing a comprehensive and flexible protection and response plan will help protect your digital assets, avoid the costs associated with a cyber loss and provide your organization a potentially significant competitive advantage.

Related: 4 Ways Your Small Business Can Better Prevent Cyber Crime

Wavy Line
Randy Sadler

Entrepreneur Leadership Network Contributor

Principal and CMO, CIC Services

Randy Sadler started his career in risk management as an officer in the U.S. Army. He has been a principal with CIC Services for seven years and consults directly with business owners, CEOs and CFOs in the formation of captive insurance programs.

Editor's Pick

A Father Decided to Change When He Was in Prison on His Son's Birthday. Now His Nonprofit Helps Formerly Incarcerated Applicants Land 6-Figure Jobs.
A Teen Turned His Roblox Side Hustle Into a Multimillion-Dollar Company — Now He's Working With Karlie Kloss and Elton John
3 Mundane Tasks You Should Automate to Save Your Brain for the Big Stuff
The Next Time Someone Intimidates You, Here's What You Should Do
5 Ways to Manage Your Mental Health and Regulate Your Nervous System for Sustainable Success

Related Topics


Working Remote? These Are the Biggest Dos and Don'ts of Video Conferencing

As more and more businesses go remote, these are ways to be more effective and efficient on conference calls.

Growing a Business

The Best Way to Run a Business Meeting

All too often, meetings run longer than they should and fail to keep attendees engaged. Here's how to run a meeting the right way.

Business News

Amazon Might Soon Be Adding Ads to Prime Video

The company wants to generate more ad revenue for its streaming service.


How to Identify and Handle Toxic Business Leadership

Toxic business leaders are the danger of modern corporate life. Unfortunately, they may hide behind good reputations. Let's discuss four signs of toxic leadership and strategies to deal with it.


'Entrepreneur Elevator Pitch' Is Back Open for Business!

Check out this preview of season nine of our hit show "Entrepreneur Elevator Pitch." Big ideas and big money are on the line!


5 Simple Tweaks for Better Email Deliverability

Email success starts in the inbox. Learn five easy ways to tweak your strategy so you can achieve better email deliverability.