Security issues can affect any organisation, whether you're a non-profit, SMB or large enterprise. Everyday there is a new security issue and making sure your organisation is protected and able to defend against them is crucial in keeping your data secure.
We've put together a list of the Top 5 security issues companies face in 2020, whether you're in the office or working from home, these issues can affect any type of organisation.
1. Sophisticated Phishing Scams
Every year, it is becoming increasingly harder to detect phishing scams, and with the progression of technology, they’re becoming more sophisticated, highly targeted and personal. Some scammers are even going to lengths to collect voice snippets to use in phone phishing scams - it only takes one mistake to become a victim of cybercrime - educate your users with user awareness training to keep them up to date on the latest threats.
2. COVID-19 Scams
COVID-19 has become a hot topic amongst cybercriminals - since the pandemic begun, we have seen a noticeable increase in the amount of Coronavirus related scams occuring, whether it's phishing scams, fake tests or general fear tactics. Keeping your users aware of these scams is imperative in protecting your organisation. You can find out more about these scams here.
3. Outdated Software
Your software is updated for routine changes, but also to patch security flaws. If you don’t keep your apps and software updated, they can be exploited and hacked with ransomware, or as we’ve seen from the BlueKeep attacks last year, your unpatched software can be exploited to install cryptocurrency miners.
Updating your software may seem tiresome, but it’s a simple step in keeping your organisation safe from cybercriminals.
4. Third-Party Vulnerabilities
With the influx of technology and being more interconnected than we’ve been before thanks to things like IoT (Internet of Things), it’s becoming harder to keep these third-party apps secure.
In 2019, attacks on IoT devices surged 300%, which shows that these devices are becoming more popular within the hacker community as IoT devices are usually plugged in and forgotten about.
To minimise impact from IoT devices, they should be regularly updated, passwords changed from the default, and connected to secure internet connections.
Having security policies and sticking to your security policies may seem like the same thing, but most of the time you may think ‘I'm too busy, it can wait and I’ll remove their access tomorrow’, ‘we won’t force password policy as it won’t be an issue’, but in 2019 34% of all data breaches were a result of insider threats.
Insider threats can range from negligent employees who don’t follow security policies, such as leaving company data lying around, to disgruntled ex and current employees with malicious intent. Surprisingly, 50% of ex-employees don’t have their access revoked to corporate applications and data, and when 25% said they’d accept just £1000 to sell this data, it’s crucial that user access is monitored properly.
Ensuring your users only have the access they need for the job they do can help minimise the potential of an insider threat.
How can we help?
Information systems exist in a dynamic environment rich with threat vectors, but planning, strong management and adherence to industry standards will ensure corporate prosperity and the safety of proprietary data.
Employing the use of a security expert - particularly during an initial set up - can pay huge dividends in the long term and ultimately reduce long term costs.
If you're unsure how secure your organisation is, we can provide an IT Security Assessment to show you where you may have vulnerabilities and how you could improve your security to future-proof your organisation.
If you're looking for no obligation advice, get in touch with one of our experts by scheduling a consultation or giving us a call on 01908571510.