Preparing Your Employees & Business Systems For A Cyber Attack

Uploaded on 2020-02-05 in Directors Reports

Right now, a cyber attacks happens every 39 seconds and massive amounts of private business and customer data is stolen, however, securing your business against cyberattacks is less daunting than it may seem. With brief regular training and a few process implementations, you can keep your company from being a hacking statistic. 
 
Cybersecurity threats are  omnipresent in today’s hyper-connected, digital world and they will only continue to increase in sophistication, frequency, diversity, scale and scope this year and in the near future. Internet-based technologies aimed at creating efficiencies and increasing connectivity between people and places also help proliferate cyber threats and risks.
 
This new reality requires businesses and people alike to understand the evolving cyber threat environment in order to keep pace. With 2020 just beginning, an understanding of what future cyber threats could entail will help us better protect our systems, information, assets, and even reputation. While predicting the future is an imperfect task, an assessment of current threats, risks, and trends can help determine what we are likely to see moving forward. 
 
The recent high profile cyber-attacks on organisations like Travelex have raised awareness of how big cyber-crime is right now and it’s essential that you regularly assess and monitor your business risk against a cyber-attack. Yet despite significant cyber security exposures, around 85% of small business owners still believe their business is safe from hackers, viruses, malware or a data breach according to Symantec. Furthermore, only 25% of small business owners have had an outside party test their IT/computer systems to ensure they are secure from attacks and nearly 40% do not have their data backed up in more than one location.
 
As these attacks become more frequent, it is now more important than ever to protect yourself and your business. Unfortunately, there is no "quick fix" when looking to protect your business from a potential cyber-attack but there are some things you can do to help you prepare:
 
First: ensure your organisation has annual cyber audits that take place at different times of the year. 
Please contact Cyber Security Intelligence for sensible recommendations. 
 
Second: review your patching policy, ensure all updates are being applied as soon as they become available; do you ensure patches are applied as quickly as is practicable?
 
Third: train your employees to be aware of and identify potential phishing emails; do employees know what to look out for or who to report concerns too? Contact Cyber Security Intelligence for independent and economic Cyber Training recommendations dependent on your size and experience.
 
Fourth: test and review your back-up and recovery systems and processes; how quickly can you bring your organisation back online?
 
Fifth: review and test your incident response plan; does it work effectively, do the key stakeholders know what to do in the event of an incident?
 
The most common cyberattack on business and individuals alike are phishing scams. These are emails that are sent to people with the intention of creating a sense of fear or worry so they recipient will reply or click on an included link or attachment, which opens a door into your computer system and can lead to viruses. To create urgency, the email will often appear to be from a boss or a bank and demand a response. 
 
It is important that all employees are aware of the what phishing emails look like: 
  • An email address that looks familiar but is off by a letter or uses symbols instead of letters.
  • A request to click a link or open an attachment that you were not expecting.
  • Misspelled words (this is how they get past the spam filter).
  • Messages starting with something like “valued member” instead of saying your name.
It is also essential to keep in mind that while most cyber threats are external, dangers can also come from within your organisation. When you bring on new employees, complete a thorough background check for previous crimes, with an emphasis on theft, then hire accordingly. Employees should always lock their computers when they walk away and use complex passwords that include uppercase letters, numbers, and special characters.
 
If you’re concerned about the potential impact of a cyberattack on your business and would like to know what you can do to prepare, an onsite Cyber Security Audit is a useful process to analyse current security systems and controls. 
 
Please contact Cyber Security Intelligence for more information.
 
The Hill:          Kieghley News:       Host Review:
 
You Might Also Read:
 
The Scope Of A Cyber Security Audit:
 
 
 
« Wawa Breach - Data On 30m Card Users For Sale
Iowa Election App Vulnerable To Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

maCERT

maCERT

maCERT is the national Computer Emergency Response Team for Morocco.

Deductive Labs

Deductive Labs

Deductive Labs consulting services help customers with their technology, security and automation challenges.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

BicDroid

BicDroid

BicDroid is a world leader in data and cyber security with innovative solutions that protect your data anywhere, anytime, against everything.

Datacentrix

Datacentrix

Datacentrix provides end-to-end cybersecurity services for the operational technology (OT) and IT environments to monitor, assess and defend our customers' information assets.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

Polaris Infosec

Polaris Infosec

Polaris Web Presence Protection (WPP) is powered by our proprietary artificial intelligence and machine learning engine to ensure that attacks are stopped before they affect your business.

UnderDefense

UnderDefense

UnderDefense provides cyber resiliency consulting and technology-enabled services to anticipate, manage and defend against cyber threats.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

Kiberna

Kiberna

Kiberna are a small but niche company specialising in data driven security to manage your cyber risks.

Opticks Security

Opticks Security

Opticks provides fraud detection and monitoring solutions for leading brands. agencies and networks. Our relentless mission is to deliver reliable and innovative software to beat digital fraud.

Celcom

Celcom

Celcom is the oldest mobile telecommunications provider in Malaysia, providing solutions and services to consumers and businesses.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

Cyber Security Global

Cyber Security Global

Cyber Security Global is a leader in electronic security, consultancy, technology, cybersecurity solutions, training, and specialized products.

Walacor

Walacor

Walacor’s secure data platform represents the next generation of secure data and blockchain storage with a trust-first approach that revolutionizes enterprise data, and database management systems.