How can you protect your business against cyber-attack?
As a ‘hot topic’ for 2017, Cyber Security is quickly becoming a key area of focus and concern for SMEs. In fact, research from 2016 showed a sharp increase in the number of attacks on SMEs in the previous four years, and current projections show that this will only have increased further during 2017. According to the U.S. National Cyber Security Alliance, 60% of small companies that were the victim of a cyber-attack went out of business within six months in 2016. Now, more than ever before, it is vital that SMEs protect themselves against cyber threats.
GUARD YOUR EMAIL INBOX
It’s an easy mistake to make. You receive an official-looking email about an overdue invoice, you don’t recognise the information, so you click the attachment or follow the link to try to decipher how payroll missed it. Your computer/tablet/smartphone is then infected and encrypted with ransomware, and you are prompted to pay a fee to retrieve your files and unlock your device.
The risk of suffering a ransomware attack has been growing for some time and is now a major threat to SMEs. The best way to protect yourself and your business is to guard your inbox against spam and phishing emails. “You need to use a blend of technical and educational solutions,” explains Vince Warrington, founder of information security company Protective Intelligence.
Creating an effective recovery plan to enable your business to continue to function in the event of a cyber-attack is also critical. One key way to do this is to make sure you have recent backups of data on an external system, either a hard drive or a cloud-based solution (or both!), so that your company can continue to operate during the immediate aftermath of a cyber-attack. To complement this, it is also important that existing software, operating systems and browsers are kept up-to-date with the latest patches and upgrades. These patches are designed to prevent cyber-threats from accessing your device and keep it protected.
In addition, educating your team in ways to identify infected email attachments or suspicious links is vitally important. If they don’t recognise the sender or have any suspicions about an email’s authenticity, they shouldn’t open it. It is critical that members of your team who send and receive a lot of emails, such as HR or Finance, understand how to identify such emails, and what to do when they do.
EDUCATE YOUR STAFF
As well as educating your staff regarding the risks of opening suspicious emails, it is also important to inform them regarding other areas of cyber-threat prevention. The easiest way to make sure your staff realise the importance of good cyber security practices is by instilling it from day one. Encouraging your employees to always be on their guard against cyber-threats, and showing them how to keep their information safe, are two business-critical ways you can encourage good security practices within your organisation.
Having a formal company cyber security policy in place is a great starting point. Using this policy, you will be able to clearly define what practices are allowed, and which are prohibited within your business. Make sure a copy of this policy is included in your on-boarding process for new starters. Symantec/NCSA noted that only 10% of companies follow this practice.
Preventing staff from accessing their personal email on your organisation’s Wi-Fi network is a widely-accepted first step. This will mitigate the risk of your staff clicking on attachments and links sent to their private email accounts, which are less likely to be filtered than company systems. Restricting access to social media whilst on a corporate network is also advised due to the minefield of external links widely shared on such platforms. Having such policies in place from an employee’s first day is a great way to make sure they are not risking the security of your organisation unintentionally.
CONSIDER INTERNAL THREATS
It is also worth noting that there are situations where an employee intentionally exposes your company to a cyber-attack. In a study published in January 2017, Digital Guardian spoke with a panel of security experts who almost unanimously agreed that the biggest threat to organisations is people inside those organisations, and IBM found in September 2016 that up to 60% of all attacks were carried out by employees inside a business. A study by Tripwire, released in April 2017, identified that 74% of companies felt vulnerable to insider threats.
With this in mind, it is important to keep an eye on what your employees are doing within your business, and what authorisation they have been given. Insider threats can go undetected for many months, and even years. They can also be easy to cover up by an employee. Those with privileged access, working on a contractor basis or who have been terminated are the most likely offenders.
Insider-driven cyber-attacks are not always malicious, and are occasionally the result of employees who accidentally leave the company vulnerable to an attack. They may be the result of an employee being misinformed regarding cyber-security practices, and allowing security to be compromised in favour of productivity and efficiency.
So how can you protect your business?
Background Checks: The first step is ensuring you have adequately referenced your employees prior to hiring them, whether that be calling previous employers, researching on Google or finding their social media profiles. This should help you identify any obvious threats and candidates to avoid.
Employee Monitoring: For employees who have already joined the business, the easiest way to reduce the risk of insider threats is by monitoring employee behaviour. Identifying when an employee is unhappy is a first step; unhappy and desperate employees are usually the most likely to threaten the security of your company. Furthermore, one of the best methods to ensure employees’ behaviour is monitored is by using threat detection and prevention software. This would allow you to review any incidents, and record user sessions to ensure there is concrete evidence if there was ever a need for it.
Minimise the risk: Only allowing a few members of your team access to privileged data is a great way to ensure your data remains safe. It reduces the number of people able to make errors, get hacked or act maliciously. A widely utilised cyber security principle, ‘the principle of least privilege’, is applicable here: any new starters should start with the lowest privilege levels, and have them increased only if needed. Likewise, this rule can be applied to the privilege credentials of temporary and third-party employees.
Secure user access: In line with having a strong cyber security policy, it is important that good security practices are followed throughout your organisation. Users should be allocated unique, complex, strong passwords that should not be shared with any other accounts, and these details should not be released to any other members of your team. Restricting the sharing of accounts is also recommended, as it will make potential inside threats easier to identify.
MAKE SURE YOUR HARDWARE IS SECURE
As well as ensuring your virtual systems are secure, there is value in securing your physical systems too. The majority of cyber-attacks actually occur when electronic equipment is stolen from the organisation. Making sure that staff use good security practices, such as closing and locking server room doors can help to reduce the chances of this happening, in addition to theft prevention techniques such as alarms and CCTV.
Furthermore, the majority of laptops and desktops, as well as some external hard drives include a Kensington Security Slot, allowing the device to be secured to a table or desk. It’s a feature mostly overlooked, and though it will not guarantee that your device will not be stolen, it will definitely slow down a potential thief, or even discourage them entirely.
Should your organisation’s security be compromised, the ability to track any stolen equipment is paramount. There are many providers of tracking software available to choose from; many of them will track the device’s location and lock it remotely to secure the machine, and some even photograph the thief using the webcam.
Cyber Security Insurance is vital to a small business. As previously mentioned, the costs of a cyber-attack can be astronomical, so ensuring your business is suitably covered is key to its survival. There are a number of providers specialising in different facets of cyber security. Making sure you find the best one for your business is key.
The cyber security space is fast paced and evolving, and cybercriminals are finding new ways to expose businesses and steal, compromise and encrypt data. Making sure your business is protected and has policies in place to ensure it can survive a cyber-attack is fundamental.