Are you aware that global damage of cybercrime has risen to an average of £11 million per minute, which is a cost of £190,000 each second. If you are an SME, its reported that 60% of these businesses that are impacted by a data breach end up closing their doors within six months because they can’t afford the costs.
The costs of falling victim to a cyberattack can include loss of business, downtime/productivity losses, reparation costs for customers that have had data stolen, and in most cases, reputational damage. As a business owner, part of your security strategy you should be identifying the risks associated with Cyber Security.
Additionally, you should be mitigating those areas that could be leaving you high risk for a data breach, cloud account takeover, or ransomware infection.
Introducing and Enforcing MFA
Cybercriminals are becoming proficient at accessing your credentials. It’s critical to enable and ensure all of your users are using MFA. It’s never 100%, nothing is when it comes to Security, but having the basics in place is one more step an attacker needs to overcome. MFA is also known as 2 step verification, and it can be a password, security token or biometric verification.
These are some of the more popular methods, and you will recognise Microsoft Authenticator and Google Authenticator as some of these methods. Consequently, if attackers breach one security layer, they’ll still have to do a lot of digging to access your information allowing you more time to identify and potentially stop the attack. We recommend all accounts, where it is supported, are protected with multi-factor authentication as standard to stopping cybercrime. Without it, it could leave the business at greater risk of falling victim to a breach. If MFA is enabled, it can reduce fraudulent sign-in attempts by a staggering 99.9%.
Number matching has been in public preview for MFA since November 2021, and almost 10,000 enterprises are already using it daily. It is also the default experience for password-less phone sign-ins using Microsoft Authenticator or Google SmartLock.
Regularly Checking and Patching Cyber Security Vulnerabilities
Patching can be the bane of an IT persons, and a business owner’s, life. It’s a constant process and procedure that is needed for all businesses, across all devices and applications. Application and operating system flaws and exploits are common in cybercrime, through phishing and email attacks in the main.
Hackers are constantly targeting these unpatched flaws to make a connection and compromise your data. However, through regular patching this can be prevented overall.
Conducting Regular Audits
We also advise businesses conduct regular audits to identify weaknesses of your business’s cybersecurity. Through this process, it will identify systems and services that are vulnerable to cybercrime, and help to identify any areas that need resolving or mitigating. Cybersecurity is a constant moving beast within IT and the business.
If you outsource your IT to a business or an MSP, make sure they are aware of new starters and especially leavers. Also, if there is any lateral movement in the business.
Ensure you have a solid Offline/Offsite Backup
Its critical to business that a backup and recovery plan in place. Sometimes this is overlooked. If there were a cybercrime incident, it allows you to recover the business quickly without too much downtime.
Secure Each Part of Your Network
Hackers can use a variety of different entry points into your network. However, mobile devices, computers, and laptops connected to your network are the main gateways into your network for hackers. This is normally through email and exploiting an unpatched vulnerability.
Implementing these devices with strong and reliable authentication can mitigate and protect your devices against threat. Here are a few of our best tips on creating strong and unique passwords:
- Don’t go overboard while mixing letters, symbols, numbers, and upper-case characters. Instead, come up with something simpler, but it should still have a minimum of eight characters. Try for a sentence that you can remember, ideally around 16 characters. The longer the password is, the harder to crack.
- Choose something you can easily memorise. Or make use of a password management platform.
- Reset your passwords whenever you forget them. In addition, change them once a year to keep things fresh.
- Invest in a secure and trusted password manager that can save, instantly fill usernames and passwords as well as auto generate extremely unique passwords for you.
Updating and Upgrading When Possible
When receiving a notification or pop up that alert you to a software update, it is common for many people to ignore it or put it off until a later date. However, this is actually a risk as developers’ issue updates to patch and fix vulnerabilities in their software and not updating allows gateways into your network for cybercriminals and puts your data at large.
The same also applies for upgrading devices and applications as in most cases newer versions of a device are more advanced and secure.
Are You Worried About Cybercrime?
Are you worried about cybercrime and your company’s cyber security? Get in touch by giving us a call
