Cyber threats were a major concern in 2016, but experts predict that in 2017 hackers will innovate their techniques like never before. By 2021, cybercrime could cost its victims $6 trillion.

Along with lost funds and time spent recovering losses, cybercrime endangers company data, strong reputations and efficiency of business operations. Now more than ever, it’s important to avoid these losses by creating cyber security policies for your business.

Creating a Cyber Security Policy

The top predicted cyber threats for 2017 demonstrate the range of cybercrime risks. When considering new or improved company cyber security policies, there are a few tips you should keep in mind:

  1. Assess your approach to the bring-your-own-device (BYOD) trend. It’s common for employees to use personal smartphones, tablets or even laptops to conduct work. For a sound cyber security policy, require these devices to be password-protected, have antivirus software installed, be new enough to support security-related software updates, and contain remote-wipe software so company data can be removed from the device remotely.
  2. Secure Internet of Things (IoT) devices. These days, businesses commonly utilize IoT devices ranging from smart thermostats to remote door locks. If one of your business’ IoT devices succumbs to a Distributed Denial of Service (DDoS) attack, your company could be held responsible for damages. Limit your susceptibility by conducting regular audits of your IoT devices.
  3. Keep safety measures up-to-date. Technology is constantly evolving, and that includes viruses and malware. Your cyber security policy should address updating anti-virus software and device software at regular intervals to make sure new hacker schemes don’t affect you.
  4. Train employees on your policy. As a part of orientation for new employees, include an overview of the cyber security policy with your head of IT. Host an all-company annual review of your policy to keep the rules fresh in everyone’s mind. If employees choose to break the policy, consistent disciplinary action should be taken. Likewise, adherence to the policy should be rewarded.

The best way to develop a comprehensive cyber security policy is to start building it today, even if it only includes the basics. You can add to it over time, revising as needed.