Cyber attacks are increasing in occurrence everyday. We don’t hear about many of them because big companies are able to prevent hackers from infiltrating their systems before it actually happens. However, every so often we hear about hackers who break into big company data, and the repercussions can be brutal. One such recent example is the JP Morgan Chase security breach. 

The JP Morgan Chase Data Breach

In June 2014, Russian hackers led a cyber attack on JP Morgan Chase and about 5 other U.S. national banks. Many believe that this was done as a way to retaliate against the government for the sanctions that have been put in place against Russia during the current crisis in Ukraine. JP Morgan regrettably announced that the data of up to 76 million customers and 7 million small businesses may have been accessed because of the breach.

There are many theories as to how this hack actually occurred but rumor has it that it stemmed from an employee’s malware infected personal computer which made way for a VPN tunnel into the bank’s system. It is clear that the hackers had studied up on JP Morgan’s system enough to build layers of malware specific to the company. What is most surprising is that despite JP Morgan’s highly advanced infrastructure and the fact that the company spends hundreds of thousands on its cyber security, this cyber attack could not be prevented.

What About Small Businesses?

It seems that whenever we do hear about a security breach, it always has to do with a big company. However, small businesses should also be wary. According to the U.S. House Small Business Subcommittee on Health and Technology, 20% of all cyber attacks hit small businesses with 250 or fewer employees. About 60% of small businesses dissolve within six months of a cyber attack.

It’s important to remember that as a small business, you have a legal obligation to keep your clients’ and customers’ information confidential through a secure data management system. As long as information is traveling back and forth between your system and a secure cloud service, you will be liable for any mishandling of information due to a breach.

Cyber security should be a major priority for CEO’s of small businesses and startups. Many CEO’s can’t afford the high cost of data protection, but there are some steps that can be taken to prevent a breach:

  1. Hire a point person to be in charge of cyber security in the organization.

  2. Decide with the point person what data is most important to protect and how to protect it.

  3. Build an IT team that can practice responding to a security breach before it happens.

Small businesses should also take a second look at their Privacy Policy and Terms of Use Agreements. These agreements should include clauses about how exactly the business will distribute and use information given by customers and if it will be dealing with any third parties, such as financial partners or advertising agencies.

Whatever you do, make sure you cover all of your bases in order to prevent your business from potentially going under in the event of a cyber attack.

[Photo Credit: AP/Seth Wenig]

About the author

Zoya Afshar

Zoya Afshar is a Licensed Attorney and Head of Content at UpCounsel. Prior to joining UpCounsel, Zoya worked in a variety of fields of law including Bankruptcy, Criminal Defense, and Employment Law. Her love for all things media and marketing related began in her undergraduate years when she worked for CNN's Larry King Live.

View all posts

Post a Job on
UpCounsel and get
high quality legal work done

Post a Job on UpCounsel
/* ]]> */