Creating a cybersecurity policy and teaching employees how to deal with emails that may contain viruses are some of the tips local experts discussed with small business owners Wednesday morning at the Suffolk Theater in Riverhead.
The free event was held following a global cybersecurity attack that occurred over the weekend.
Kevin Edwards, director of compliance and information technology security at Flexible Systems in Hauppauge, stressed to the packed crowd that companies shouldn’t become complacent with cybersecurity, and each employee should know their email policy and procedures.
“They’re your first line of defense,” said Mr. Edwards, who was one of four panelists. “Emails come in all day — every day — hundreds of them. Some of those contain [viruses] and you need to educate the employee about those; about deleting those; not opening those; alerting an IT staff member.”
Other tips Mr. Edwards shared included creating a mobile device management policy and procedure, encrypting all company laptops, installing a data governance solution and purchasing cybersecurity insurance.
Mr. Edwards — along with panelists Agim Bracovic, an information security officer at Bridgehampton National Bank; Jonathan Harrington, counsel at the Bridgehampton law firm Campolo, Middleton & McCormick; and Judy Murrah, chief information officer at Applied DNA Sciences in Stony Brook — said businesses need to become proactive when it comes to cybersecurity and should create and test incident plans, as well as hold annual web-based training meetings with staff.
Should company computers be hacked, the experts suggested immediately contacting the company’s IT staff and lawyer.
The panel discussion was moderated by Thomas Simson, chief information officer at Bridgehampton National Bank, and allowed audience questions.
Password storage was among the concerns raised. Panelists said using Microsoft Word to save passwords is better than using other types of word processing programs. They added the most secure option is LastPass, which is a password management service.
Panelists also suggested small businesses hire a third-party IT company if they can’t afford a full-time IT employee.
Barbara Rizzi of Tortorella Group in Southampton attended the event and described the discussion as “very informative and helpful.”
“We’re constantly looking to update our systems; why not get information that is prepared and informative,” she said.
Photo credit: Nicole Smith
Correction: This story has been updated to reflect that panelists said LastPass is the most secure option to store passwords.