Over the past 12 months, 46% of all businesses reported a cyber breach or attack.
Businesses today face a range of potential threats, from ransomware and data breaches to weaknesses in the supply chain – and these are increasing by the year. One recent survey found that there had been a 91% increase in ransomware attempts between the first and third quarters of 2017.
Now more than ever before it’s crucial to invest in prevention – as opposed to purely recovery – when it comes to protecting your business against cyber attacks.
There are five key ways in which you can do this.
1. Staff training
Your staff are fundamental to the security of your business – 90% of cyber attacks take place with information stolen from staff who have unwittingly given it away. Training and educating your staff on the signs of potential cyber attack, and how to act quickly, will transform your workforce into a strength, as opposed to a vulnerability. Measures should include:
- Implementing security protocols;
- Guidelines on acceptable use of technology;
- Improving password security practices;
- Training on how to recognise potentially suspect communications;
- Disaster recovery and how to respond in the event of an attack.
2. Cloud Storage
Cloud storage systems are exceptionally well maintained by providers with significant security experience and so basic vulnerability – such as systems that are not regularly patched or updated – is avoided. Monitoring and detection tools ensure that any issues are spotted early and automatic failovers provide options to keep systems running even when an attack is in progress.
3. Perform audits and risk assessments
Auditing and assessment are essential for risk management. When a business experiences a period of growth it can become incredibly vulnerable to attack simply because of a lack of oversight of data and systems.
Regular audits will help to show a clear picture of IT resources, including values, and provide a basis for ensuring that security is aligned with IT systems growth and use. Risk assessments will identify where the potential vulnerabilities lie, well before they can become an issue for the business.
4. Knowledge about risk factors
Alongside risk assessments on your own systems it’s important to have a broader understanding of the general risk factors that may affect a business such as yours. What risks currently exist for this type of business and how are these risks changing?
Many business owners, especially those with small businesses, are very vulnerable to cyber attack as a result of not staying on top of existing risks, as well as those that arise as cybercrime evolves. This can leave the business open to attack simply as a result of a lack of up-to-date insight.
5. Passwords and antivirus
Sometimes it’s the most basic systems that let an organisation down when it comes to a cyber attack, so it’s crucial to check you have the fundamental protections in place. Antivirus software, for example, is essential — it will scan folders and files on a regular basis to look for anything that shouldn’t be there. It’s also important to ensure that any software your business is using is always kept up-to-date. Passwords are another easily overlooked issue – weak passwords are a serious problem because they are simple to crack. Passwords should be created with lower, upper case letters and special characters. Any information specific to individuals, for example birthdays, or successions of characters or numbers, should be avoided.
Keeping your business safe from cyber attack takes a lot of effort. The support of an outsourced service provider can be essential in ensuring your business has the protection it needs. A specialised service provider can take care of all of the above and provide another layer of oversight to give you greater peace of mind.