10 Basic Steps to Protect Your Business Against Cyber Attacks
18th April 2018
Any business in 2018 should be wary of cyber attacks. They come in many forms, be they email ‘phishing’ scams or software designed to steal valuable data. Cyber crime is one unfortunate consequence amidst the many benefits of digital business platforms. But, business owners have the power to protect themselves against a cyber attack.
“Cyber-crime is the greatest threat to every company in the world”
Ginni Rometty, chairman and CEO of IBM, said this in 2015. Unfortunately, recent studies confirm that her words still ring true in 2018. Studies predict that by 2021 the cost of cybercrime will have doubled to $6 trillion from 2015.
Not only can a business’s financial records be compromised, but the disruption of a cyber attack can lead to many lost hours. There have also been several high-profile ransomware cases, in which businesses are prompted to pay out to retrieve data. This can have a devastating impact on a brand’s reputation amongst customers and shareholders.
More often than not, an attack could have been prevented with standard cyber security procedures. If you are concerned about protecting your business from a cyber attack, here are ten basic steps you can take now.
1. Remain Proactive in your Knowledge of Cyber Security Threats
One of the biggest problems with cyber security is that is often reactive. This means that by the time people are aware of a cyber attack, the damage has already been done. Make sure to regularly research any new threats, so you can put preventative measures in place.
2. Create an Incident Response Plan for Cyber Attacks
This goes hand in hand with the previous point. The damage made in the immediate aftermath of a cyber attack can be significantly reduced with a response plan. It should outline what steps to take, how to recover breached data, and who is responsible for investigating the attack.
3. Create a Password Policy
A password is the first thing a cyber criminal will try to crack. Despite this, many businesses do not regulate password creation. It is common knowledge for instance, not to use your date of birth. Make it part of your policy that staff members must include numbers and special characters. They must also make sure to update their passwords regularly.
4. Introduce Cyber Security Training for Your Staff
One of the most important things you can do is create a culture of responsibility against cyber-attacks. This will ensure that vigilance against cyber security attacks spans across your organisation. Training staff to identify and report a cyber attack will make them feel accountable.
5. Appoint a Data Protection Officer in your Organisation
Some people may not report suspicious activity because they are uncertain about who to defer to. A Data Protection Officer is someone who safeguards information, and enforces cyber security procedures. Appointing a Data Protection Officer is part of the incoming General Data Protection Regulation (GDPR), which all businesses must adhere to by 25th May 2018.
6. Be Wary of How Much Information You Put Online
Many businesses pride themselves on making company information accessible through their website. However, this could make it easier for cyber criminals to pose as genuine members of staff. Most companies don’t consider this before posting job roles, contact details or staff photos.
7. Conduct Regular Data Audits
Regularly checking what data you have stored could help uncover potential vulnerabilities. If sensitive data hasn’t been properly stored, you can quickly make sure it is adequately protected. It will also help you identify and remove any unnecessary data. This is another critical factor of the previously cited GDPR.
8. Use Firewalls to Regulate Access
Firewalls are the most common way to identify and fend off unauthorised web traffic. Firewalls come either as hardware or software solutions. You can protect your entire network with a hardware program. Or, if you have a smaller business you can install software on each individual computer.
9. Use Secure Cloud Solutions Instead of Physical Data Storage
The problem with USB sticks or discs, is that if they fall into the wrong hands the data they contain is almost certainly compromised. Secure cloud storage can create a centralised digital hub for your data, one you can strictly monitor and regulate.
10. Use Two Factor Authentication to Ward off Phishing
You can train your staff extensively on cyber security but that will not eliminate the margin for human error. Two factor authentication is something to fall back on if someone has unwittingly divulged their password. It confirms that the right person is using someone’s login details – be it via an SMS code or a security question. It offers an extra line of defence against a cyber attack.
At Netmatters, we have a team of cyber security and data protection experts. We can conduct a cyber security audit to test for any vulnerabilities. We will then manage your ongoing cyber security efforts, in line with industry updates and new regulations. Finally, in the event of a large-scale cyber security breach, we can provide access to our Disaster Recovery Suite.
Our work keeps clients that important peace of mind, that they are prepared in the event of a cyber attack. If you want to make sure you are secure against a cyber-attack contact Netmatters today.