The Cyber Security Industry – What are they trying to achieve?
Everyone in the cyber security industry (including us) are focused on the same goal. That goal is simple, to keep businesses secure from the huge variety of threats that exist in the cyber wilderness. This has created an industry that constantly needs to evaluate to adapt to threats that continue evolving in order to plague businesses.
The security needs to be at the forefront and needs to repel the major threats, that can harm a business. Like it or not, we have entered an age where security is crucial, all industries now need to look towards cyber security for protection.
The Cyber Threat Landscape – What Lurks Behind Your Router?
Cyber threats come in many forms. The trinity of evil being; Phishing attacks, Malware and Ransomware attacks (for example the NHS ransomware attack caused by WannaCry malware). These are all very real threats and unfortunately incredibly common.
In fact, a hacker attacks every 39 seconds, 43% of which are targeted at small business. It’s fair to say the odds may not be in your favour… but what do these attacks do.
With a Phishing attack, criminals send fraudulent emails prompting you to click on a link that delivers company destroying malware or creates a gateway to harvest further information. Recent studies indicate, that a hacker in a company network hides there for 180 days before anything happens, watching communications and transactions, gathering information to sell or use later.
Malware/Ransomware attacks are different and designed to block access to computers, data and systems in a business until a sum of money is paid. Anyone of these attacks can put a business on the ropes, or at the mercy of a hacker with bad intent. Below are a few straightforward tips that can help you start to combat these threats at a basic level.
Our Quick Tips to Help
Where possible, use Two Factor authentication on all accounts– Look to secure your accounts by having to use at least two means of authentication to access them. This is usually a password and then a code that will be sent to you, or on an app on your phone. Many leading applications, software and even social media sites allow to two factor authentication (2FA). This means that its very difficult to gain access with even a password as you also need the second step to access the account.
Please use Strong Passwords- Believe it or not, in a recent study, “123456″ was the runaway winner at the bad password awards with a staggering 23.2 million accounts still using the easy-to-crack code. We recommend using a phrase or saying with many characters as this makes the guessing difficult. Also try mixing things up a little with a mixture of letters, numbers and symbols. There are also some great Password management tools on the market such as LastPass, My Glue and Key Pass.
Security Awareness Training– The front line of your defences is your staff. How much time have you spent educating them on what phishing emails are and what they look like? Would you feel comfortable telling someone that you have spent an adequate amount of time discussing and training staff around what links should be clicked, password hygiene etc? Spending time educating the front line can be a useful task and can significantly reduce your cyber risks with staff keeping a beady eye out for Phishing emails.
Manage who can access your data– If you have not already, we would recommend that you create a map of the data that you transit or hold. By understanding where and how you have personal and financial data you can start to defend and secure it. You can then control access to the data and set permissions based on seniority and need. By understanding and addressing this you are taking positive steps to security This is also a recommendation for keeping compliant with GDPR regulations.
Please Don’t use Free anti-malware/Virus software – It’s free for a reason. Free antivirus has its uses but will not deliver the updates and security required to create a stringent cyber defence. If it’s free, who will take legal responsibility if it fails to identify a threat and takes your business down for a few days. If you had to drive across the Kalahari Desert would you prefer to use a car you know was sound and serviced, or a cobbled together vehicle given to you free by a random stranger. If your choice is the latter, we wish you luck!
In Summary
The above are quick steps that you can do right now to reduce your exposure to a cyber-attack. However, be mindful that you need to adapt a layered approach to security (much like physical security) and to truly mitigate risks you will need to invest and consult with experts. As more of our lives and businesses seem to exist in the digital realms, we need to ensure that we address the weakness and risks. By doing this we can decrease the odds of becoming another statistic in the cat and mouse game between Cyber Security and hackers.
To book a free Cyber Vulnerability Assessment or ask our team a question about security you can call us on 0114 361 0062 or email security@netcomtech.co.uk
