The good news is that there are steps FE and FO can take to protect their businesses and families in order to reduce these risks. "Organizations that really push to become proactively involved in cybersecurity are going to see very significant business benefits both in the short and long term," says Dave Burg, EY Americas Cybersecurity Leader . This will require both immediate action and a long-term shift in focus.
In the short term, to avoid an increase in cyberattacks due to the pandemic, family businesses should:
Make and maintain an inventory of all routers and devices, and the sensitive data on them, including those used in the homes of family members
Keep these devices with antivirus and firewall software up- to- date; keep all software up-to- date and assess vulnerability at least once a year
Use email encryption tools for any confidential messages and ask customers to validate any new account openings, credit applications, and similar activities
Know more: Network engineer
Monitor (or use an outside company to monitor) all networks 24 hours a day for signs of an intrusion and shut them down if there is an attack
Store backups off-site or in a secure cloud vault
Conduct criminal and financial background checks on new staff and vendors, and annually thereafter
Create a cybersecurity policy that includes connected devices, passwords, multi-factor authentication, social media, and payment authorization steps
In the long term, family businesses and offices need to change the way they view cybersecurity. Recognize that social media breaches and threats will occur, and the job of family businesses and offices is to respond effectively and minimize damage.
Work closely with directors, their families, and employees to:
Identify the scenarios that would impact them the most, their risk tolerances and their points of difficulty
Analyze the most likely scenarios and rate the level of risk for each of them
Adapt to the organization a good framework of controls, such as the Cybersecurity Framework of the National Institute of Standards and Technology (NIST) , to measure and mitigate risk to an acceptable level
Explore, create and - most importantly - regularly test business continuity and incident response plans
Continually educate all principals, family members, and their households on the importance of adhering to these controls and the risks they face if they don't.
Protect the legacy
Family businesses must protect their names, their brands, and the organizations they have built over generations. Failure to do so can be catastrophic, but with the right approach, security technologies and control structures can help you protect your legacies for years to come.