How to protect your business from a data breach

Cybersecurity experts say that people and organizations can take steps to protect their personal data before a cyber attack happens.

Driving the news: Massachusetts companies and government agencies have seen a twofold increase in data breaches since 2012, according to an Axios Boston review of state data.

Pro tip: Cybersecurity experts recommend that individuals and businesses use Have I Been Pwnd to see which of their accounts, if any, have been affected by a breach.

Zoom in: The MassCyberCenter at the Mass Tech Collaborative works with municipalities to improve their cybersecurity practices so they're not vulnerable to cyber attacks, which are targeting local agencies more than they used to, says director Stephanie Helm.

• Hackers can steal information about taxpayers or disrupt municipal operations, preventing them from collecting revenue or even selling beach stickers in the summer until officials pay a ransom, Helm says.

What you can do: MassCyberCenter gives local officials four goals to meet, but these recommendations can also apply to businesses and other groups, Helm says.

• Train employees to spot and properly report suspicious activity.
• Join information-sharing networks like MS-ISAC to stay updated on potential threats, like if Microsoft or another major company reports a flaw in its software.
• Create crisis response plans and practice them so that all employees — not just IT and local leaders — can contain the fallout of a cyber attack.
• Create backups of records, download patches to fix vulnerabilities, and use password managers and multi-factor authentication.