Cyber Security Awareness Month: Protecting Your Business from Digital Threats
Oct 02, 2023
Cyber Security Awareness Month: Protecting Your Business from Digital Threats

October is Cybersecurity Awareness Month, making it the perfect time to safeguard your business against the rising tide of cyber threats. Learn how to defend your company's digital assets and ensure long-term security.


Businesses, both large and small, are increasingly reliant on the internet for daily operations, creating attractive and potentially lucrative targets for cyber criminals.


With such heavy use of and reliance on computers and the internet by both large and small organizations, protecting these resources has become increasingly important. Learning about cyberattacks and how to prevent them can help you protect your company from security breaches.


Cyberattacks Compromise Your Company

Cyberattacks include many types of attempted or successful breaches of computer security. These threats come in different forms, including phishing, viruses, Trojans, key logging, spyware and spam. Once hackers have gained access to the computer system, they can accomplish any of several malicious goals, typically stealing information or financial assets, corrupting data or causing operational disruption or shutdown.


Both third parties and insiders can use a variety of techniques to carry out cyberattacks. These techniques range from highly sophisticated efforts to electronically circumvent network security or overwhelm websites to more traditional intelligence gathering and social engineering aimed at gaining network access.


Cyberattacks can result directly from deliberate actions of hackers, or attacks can be unintentionally facilitated by employees—for example, if they click on a malicious link. According to historical claim data analyzed by Willis Towers Watson, 90 percent of all cyber claims stemmed from some type of employee error or behavior. The high-profile Equifax, Snapchat and Chipotle data breaches were all caused by employee error or behavior.


A breach in cyber security can lead to unauthorized usage through tactics such as the following:


  • Installing spyware that allows the hacker to track Internet activity and steal information and passwords
  • Deceiving recipients of phishing emails into disclosing personal information
  • Tricking recipients of spam email into giving hackers access to the computer system
  • Installing viruses that allow hackers to steal, corrupt or delete information or even crash the entire system
  • Hijacking the company website and rerouting visitors to a fraudulent look-alike site and subsequently stealing personal information from clients or consumers


Cyberattacks may also be carried out in a manner that does not require gaining unauthorized access, such as denial-of-service (DoS) attacks on websites in which the site is overloaded by the attacker and legitimate users are then denied access.


The Vulnerable Become the Victims

The majority of cyber criminals are indiscriminate when choosing their victims. The Department of Homeland Security (DHS) asserts that cyber criminals will target vulnerable computer systems regardless of whether the systems belong to a Fortune 500 company, a small business or a home user.


Cyber criminals look for weak spots and attack there, no matter how large or small the organization. Small businesses, for instance, are becoming a more attractive target as many larger companies tighten their cyber security. According to the industry experts, the cost of the average cyberattack on a small business is increasing exponentially and shows no signs of slowing down. Nearly 60 percent of the small businesses victimized by a cyberattack close permanently within six months of the attack. Many of these businesses put off making necessary improvements to their cyber security protocols until it is too late because they fear the costs would be prohibitive.


Simple Steps to Stay Secure

With cyberattacks posing such a prominent threat to your business, it is essential to create a plan to deal with this problem. Implementing and adhering to basic preventive and safety procedures will help protect your company from cyber threats.


Following are suggestions from a Federal Communications Commission (FCC) roundtable and the DHS’s Stop.Think.Connect. program for easily implemented security procedures to help ward off cyber criminals. These suggestions include guidelines for the company as well as possible rules and procedures that can be shared with employees.


Security Tips for Your Company

Cyber security should be a company-wide effort. Consider implementing the following suggestions at your organization:


  • Install, use and regularly update anti-virus and anti-spyware software on all computers.
  • Download and install software updates for your operating systems and applications as they become available.
  • Change the manufacturer’s default passwords on all software.
  • Use a firewall for your internet connection.
  • Regularly make backup copies of important business data.
  • Control who can physically access your computers and other network components.
  • Secure any Wi-Fi networks.
  • Require individual user accounts for each employee.
  • Limit employee access to data and information, and limit authority for software installation.
  • Monitor, log and analyze all attempted and successful attacks on systems and networks.
  • Establish a mobile device policy and keep them updated with the most current software and anti-virus programs.


Security Tips for Employees

  • Use strong passwords, change them periodically and never share them with anyone. Never repeat a password across accounts.
  • Protect private information by not disclosing it unless necessary, and always verify the source if asked to input sensitive data for a website or email.
  • Don’t open suspicious links and emails; an indication that the site is safe is if the URL begins with https://.
  • Scan all external devices, such as USB flash drives, for viruses and malicious software (malware) before using the device.


Securing Your Company’s Mobile Devices

Gone are the days when contact names and phone numbers were the most sensitive pieces of information on an employee’s phone. Now a smartphone or tablet can be used to gain access to anything from emails to stored passwords to proprietary company data. Depending on how your organization uses such devices, unauthorized access to the information on a smartphone or tablet could be just as damaging as a data breach involving a more traditional computer system.


The need for proper mobile device security is no different from the need for a well-protected computer network. Untrusted app stores will continue to be a major source of mobile malware which drives traffic to these stores. This type of “malvertising” continues to grow quickly on mobile platforms.


Most importantly, stay informed about cyber security and continue to discuss internet safety with employees.


Don’t Let it Happen to Your Company

According to the DHS, 96 percent of cyber security breaches could have been avoided with simple or intermediate controls. Strengthening passwords, installing anti-virus software and not opening suspicious emails and links are the first steps toward cyber security. In addition to the listed tips, the FCC provides a tool for small businesses that can create and save a custom cyber security plan for your company, choosing from a menu of expert advice to address your specific business needs and concerns.


A data breach could cripple your small business, costing you thousands or millions of dollars in lost revenue, sales, damages and reputation. Contact SimcoHR today. We have the tools necessary to ensure you have the proper coverage to protect your company against losses from cyberattacks.

Sign up for our newsletter.

DOL Issues Guidance on AI-related Wage and Hour Risks

11 May, 2024
On April 29, 2024, the U.S. Department of Labor’s (DOL) Wage and Hour Division (WHD) published Field Assistance Bulletin (FAB) No. 2024-1 on the use of artificial intelligence (AI) in the workplace. The FAB follows a statement released by the White House announcing key AI-related actions following President Joe Biden’s executive order issued on Oct. 30, 2023, on establishing standards for AI safety and security. Guidance on AI-related Wage and Hour Risks Employers are increasingly using AI tools to generate timecards, set schedules, monitor performance, track employee hours and process payroll. As such, the FAB highlights certain compliance risks under the Fair Labor Standards Act (FLSA) for employers using these tools. These risks include: Tracking employee work time; Monitoring employee break and waiting time; Using location-based monitoring for individuals performing work at multiple geographic locations; Calculating employees’ regular rate of pay and overtime compensation; and Violating the FLSA’s antiretaliation provisions To aid employers in addressing these compliance risks, the WHD identifies recommended practices, including exercising proper human oversight, to help ensure that AI systems and tools do not violate the FLSA. Additional AI-related Guidance In addition to addressing FLSA compliance risks, the FAB also examines certain AI-related risks that may arise under other laws, including the Family and Medical Leave Act (FMLA), the Providing Urgent Protections for Nursing Mothers Act (PUMP Act) and the Employee Polygraph Protection Act (EPPA). For example, using AI tools to administer FMLA leave can create potential risks for violating the law’s certification requirements when determining whether an employee’s leave is FMLA-qualifying. Employer Action Items While FABs are not necessarily legally binding, they offer insight into how the DOL interprets laws it enforces and how agency officers will analyze workplace conditions and circumstances to enforce compliance.  Using AI systems for scheduling, timekeeping and calculating rates of pay and overtime may increase an employer’s risk under the FLSA. Therefore, employers should ensure that their AI systems and tools comply with all federal laws and regulations by examining potential legal and business risks associated with AI, implementing AI usage policies and establishing internal best practices.

Nurturing Your Mind: Embracing Mental Health Awareness Month

30 Apr, 2024
As we step into May, we're reminded of the importance of mental health and well-being. May marks Mental Health Awareness Month, offering us an opportunity to renew our commitment to nurturing our minds and fostering supportive environments, both in and out of the workplace. In this blog post, we'll explore practical strategies for enhancing mental health, including small tips that can refresh you mentally during the workday. Embracing Self-Care Amid life's hustle and bustle, it's crucial to carve out time for self-care. Whether it's practicing mindfulness, engaging in hobbies, or simply taking a moment to breathe deeply, prioritizing self-care nurtures mental resilience and fosters a sense of inner peace. Cultivating Work-Life Balance In today's fast-paced world, achieving a healthy work-life balance is essential for mental well-being. Set boundaries between work and personal life, establish a routine that includes breaks and leisure activities, and strive to unplug from technology during downtime. Remember, balance is key to sustaining productivity and happiness. Fostering a Supportive Workplace Culture Employers play a pivotal role in promoting mental health in the workplace. Encourage open dialogue about mental health, offer resources such as counseling services or mental health days, and prioritize flexibility to accommodate employees' well-being needs. By fostering a supportive culture, organizations cultivate environments where employees feel valued, understood, and empowered to prioritize their mental health. Supporting Loved Ones If someone you care about is struggling with mental health challenges, your support can make a significant difference. Listen without judgment, offer empathy and reassurance, and encourage them to seek professional help if needed. Remember, your presence and understanding can provide comfort and strength during difficult times. Practicing Gratitude Gratitude is a powerful tool for enhancing mental well-being. Take time each day to reflect on moments of gratitude, whether it's appreciating the beauty of nature, expressing gratitude for supportive relationships, or acknowledging personal achievements. Cultivating a mindset of gratitude fosters resilience and enhances overall happiness. Small Tips to Refresh Your Mind During the Workday  Take short breaks: Step away from your desk for a few minutes to stretch, walk around, or simply gaze out the window. These brief pauses can rejuvenate your mind and boost productivity. Practice deep breathing: Incorporate deep breathing exercises into your day to reduce stress and promote relaxation. Close your eyes, inhale deeply through your nose, hold for a few seconds, and exhale slowly through your mouth. Connect with nature: Spend time outdoors during your lunch break or coffee breaks. Even a brief stroll in a nearby park or green space can invigorate your senses and clear your mind. Listen to music: Create a playlist of soothing music or uplifting tunes to listen to during work breaks. Music has the power to uplift your mood, reduce anxiety, and enhance focus. Stay hydrated: Drink plenty of water throughout the day to stay hydrated and maintain mental alertness. Dehydration can impair cognitive function, so keep a water bottle handy and sip regularly. Practice mindfulness: Take a few moments to practice mindfulness or meditation exercises. Focus on your breath, observe your thoughts without judgment, and cultivate a sense of presence and calm. Declutter your workspace: A clutter-free workspace can promote mental clarity and productivity. Take a few minutes to tidy up your desk, organize files, and create a calming environment conducive to focus. Engage in positive self-talk: Replace negative self-talk with affirming and encouraging statements. Remind yourself of your strengths, accomplishments, and capabilities, and cultivate a mindset of self-compassion and resilience. Connect with colleagues: Build supportive relationships with coworkers by engaging in meaningful conversations, sharing experiences, and offering mutual support. A sense of camaraderie and connection can foster a positive work environment and bolster mental well-being. As Mental Health Awareness Month unfolds, let's commit to nurturing our minds and supporting those around us. By embracing self-care, fostering work-life balance, promoting workplace well-being, and offering compassionate support to loved ones, we contribute to a culture of mental health awareness and resilience. Remember, you are not alone. Reach out for support if you need it, and let's journey toward better mental health together.

DOL Announces Final Overtime Rule Increasing Salary Levels for White-collar Employees

30 Apr, 2024
On April 23, 2024, the U.S. Department of Labor (DOL) announced a final rule to amend current requirements employees in white-collar occupations must satisfy to qualify for an overtime exemption under the Fair Labor Standards Act (FLSA). The final rule will take effect on July 1, 2024. Increased Salary Level The FLSA white-collar exemptions apply to individuals in executive, administrative, professional, and some outside sales and computer-related occupations. Some highly compensated employees may also qualify for the FLSA white-collar overtime exemption. To qualify for this exemption, white-collar employees must satisfy the standard salary level test, among other criteria. This salary level is a wage threshold that white-collar employees must receive to qualify for the exemption. Starting July 1, 2024, the DOL’s final rule increases the standard salary level from: $684 to $844 per week ($35,568 to $43,888 per year); and $107,432 to $132,964 per year for highly compensated employees. On Jan. 1, 2025, the standard salary level will then increase from: $844 to $1,128 per week ($43,888 to $58,656 per year); and $132,964 to $151,164 per year for highly compensated employees. Automatic Updates The DOL’s final rule also includes mechanisms allowing the agency to automatically update the white-collar salary level thresholds without having to rely on the rulemaking process. Effective July 1, 2027, and every three years thereafter, the DOL will increase the standard salary level. The agency will apply up-to-date wage data to determine new salary levels. Impact on Employers The first salary level increase in July is expected to impact nearly 1 million workers, while the second increase in January is expected to affect approximately 3 million workers. Employers should become familiar with the final rule and evaluate what changes they may need to adopt to comply with the rule’s requirements. Legal challenges to the rule are anticipated, which may delay the final rule’s implementation.

Have a question? Get in touch.

Share by: