Over the past 12 months, 54% of UK organisations acted to identify cybersecurity risks. This leaves the 46% that weren’t seeking out threats at a higher risk of a data breach or malware infection.
Putting your head in the sand about potential attacks doesn’t keep them from happening; it simply keeps companies from knowing about them. Many attacks are silent in nature. For example, an attacker may breach a company network and plant ransomware, then wait months to activate it.
Why? One of the reasons is that they are trying to wait out your last clean backup. If all your backups have the ransomware code included, then they stand a much better chance of collecting the ransom once the malicious code is activated.
October is Cybersecurity Awareness Month (CSAM). It’s a time to reflect on IT security at your organisation and take steps to improve your team’s cyber hygiene. The security standards you set this month can be carried out throughout the year to improve cybersecurity and reduce risk.
When employees are well-trained in cybersecurity awareness, security-related risks drop by 45-70%. That’s a significant savings when you consider all the costs that occur when a business is hit with a cyberattack.
Costs include:
- Lost business due to downtime
- Lost employee productivity
- Costs of remediation
- Possible notification & legal costs if sensitive data was breached
- Loss of customer trust
Cyber Security Awareness Month Theme: “See Yourself in Cyber”
While CSAM began in the US in 2004, it has been adopted by other countries around the world as a way to join forces globally against cyber threats. When you sign up for free as a Cybersecurity Awareness Month Champion, you’ll get access to multiple free resources (infographics, social media posts, etc.) that you can use to promote security awareness.
This year’s CSAM theme is “See Yourself in Cyber,” and it promotes the fact that cybersecurity impacts everyone. Everyone can play a part in adopting and promoting the best practices of cybersecurity.
Four Key Actions to Improve Cyber Security
This year’s CSAM highlights four simple actions that individuals can take to greatly increase their level of cybersecurity. When employees adopt a culture of data security, the organisation as a whole benefits. It’s a win-win situation.
Here are the key actions to promote this month and continue teaching year-round.
Enable Multi-Factor Authentication (MFA)
Multi-factor authentication is known as one of the best ways to keep accounts secure. Depending on the type of MFA used, it’s proven to block between 76% and 100% of fraudulent sign-in attempts.
Despite its effectiveness, many companies and their employees aren’t using it. The reasons cited include:
- It is too difficult to do (24%)
- I don’t know how (22%)
- I understand the risk, but not the problem behind the risk (18%)
Every password-protected account should have MFA enabled to reduce the risk of an account takeover. New solutions like single sign-on (SSO) make it possible to have convenience and adequate security at the same time.
Create Strong Passwords & Use a Password Manager
What is the number one cause of data breaches globally? It’s not ransomware or brute force attacks; it’s password compromise. People create weak passwords, reuse passwords, and adopt other bad habits that hurt security.
The first line of defence is to create strong passwords for each account. A password that is considered “strong” has the following attributes:
- Long – Every password should be at least 12 characters long.
- Unique – Each account needs to have its own unique password.
- Complex – Each unique password should be a combination of upper-case letters, lower-case letters, numbers, and special characters.
One complaint people often have when asked to create strong and unique passwords for each login is that they can’t remember them all. This is where a password manager, like Keeper Security, comes in.
Password managers provide a secure vault to store all passwords. The user only has to remember a single strong password to access all the others. These apps also have other benefits, such as recommending strong passwords.
Keep All Software Updated
One cybersecurity rule of thumb that is too often neglected is to keep all device software updated. Software updates often include vital security patches for freshly found software flaws that would otherwise become exploited vulnerabilities.
Updating is becoming a big task with all the devices people now use. Computers, tablets, smartphones, routers, and IoT devices all need to have updates installed regularly. You can lighten the burden and improve security by using our London managed IT services to automate those updates.
Recognise Phishing & Report It
Phishing is a constant intrusion in employee inboxes. While email filtering is a great help, users also need to be able to recognise phishing when they see it. This is increasingly difficult given the fact that large criminal groups now use sophisticated AI-based algorithms to personalise their dangerous messages.
But there are still tactics you can use to identify phishing:
- Look for mismatches between the sender’s email and the company noted in the message
- Look for any slight spelling or grammar errors
- A sign of urgency or threat is a red flag
- Hover over links without clicking to reveal the URL
- Ask, “Is this email unexpected or does it sound strange in any way?”
Once phishing is identified, it should be reported. This ensures the entire organisation is aware of the threat. Make sure employees know how to report phishing so everyone can be alerted; otherwise, one employee may spot an attack while another is caught as a victim.
Improve Your Organisation’s Cyber Hygiene with Help from Network & Security
You don’t have to navigate the dangerous waters of the online world alone. Network & Security can help your London or Hertfordshire area business with a cybersecurity check-up and recommendations to reduce your risk of a breach.
Contact us today to schedule a free consultation. Reach out online or call +44 (0) 1727 627355.