Staying Savvy this EU Cyber Security Month
As if you don’t have enough to worry about as a business owner, you also have to consider how prepared you are in the event of a cyber security attack.
It’s vital that you understand what information can be stolen from your business and how. Cyber security breaches don’t just take place by movie-style futuristic hackers. The most common breaches happen when third-party vendors or even staff access and then exploit sensitive information.
It’s important to keep updated with emerging trends and ever-evolving risks in the cyberattack world. Here are some of the risks that your business can be exposed to:
- Hacking – Hacking seems very cliche and like it only occurs in the movies but it’s actually very common. Criminals can gain access to your emails or systems and then manipulate or steal information from them which can have a detrimental effect on your business.
- Malware Threats – Malicious software, or ‘Malware’ for short, is software created by hackers which is embedded in your devices or online platforms in order to receive access to your personal information.
- Phishing – Phishing occurs when attackers trick you into handing over sensitive and personal information, such as passwords and credit card information, through a fraudulent website that appears to be legitimate. Emails and texts appear as though they’re from trusted sources such as your bank or HMRC however will include a link that is far from trustworthy.
- Identity Theft – Identity Theft is very easily achieved nowadays as some people over-divulge personal information on social media without thinking of the consequences. This personal information can be used to take out credit cards, loans and commit other fraud without your permission and sometimes, your knowledge.
- Keylogging – Keylogging is when software tracks what your keyboard does and can store this information. It’s a very dangerous type of cyber attack as it isn’t always detected by anti-virus software.
So what can you do to protect your business and information from these attacks?
Create a ‘cyber culture’ and get your staff involved in the importance of cyber security. It’s important to educate them on what effect breaches have on the company and how they play a part in protecting the business from such attacks. A policy should be implemented that ensures all employees are trained in what is expected of them and what they should do should the worst happen.
Restricting the use of removable media such as USB drives, CDs, DVDs etc is an effective way to prevent sensitive information being stolen; if these devices have to be used, it’s advisable that they are logged in an inventory and accessed by management only.
There are many companies out there who can provide you with antivirus protection but it’s important to research which software performs to your requirements and provides you with the protection you need.
Review your security plan regularly, this will help you to identify any weak points and act on them, allowing you to stay one step ahead of threats:
- Have an incident plan which details what happens in the event of a cyber attack.
- Make sure that passwords are regularly reviewed and changed in order to ensure they’re the most secure possible, it’s also advisable that passwords are not saved on computers that are shared or written down where they could be read by others.
- Any WIFI networks that are used should be secure, and staff should only use these networks when accessing the internet on work-related tasks.
- Documents that contain any personal information should be stored and then disposed of in a secure manner and never left in view of others.
- Protect all devices that you use in the business and enable software which allows you to remotely erase them if they’re lost or stolen.
- Keep all devices updated and ensure they’re checked regularly.
There is no guaranteed way to ensure that you never face a cyber attack, however, the tips in this blog post are to help you have the best defence. The National Cyber Security Centre has put together a guide to ensure your business is protected from cyber-attacks.