Kickstart your Cyber Security Strategy.
It’s April 2021 and some companies still don’t have a clear view of their cyber security strategy and their business may be at risk. It is estimated that roughly 170.000 businesses across the island of Ireland could be vulnerable to any malware attacks that infiltrate their systems as they don’t have a solution in place or a qualified member of staff overseeing their cyber security. A study from 2020 shows that of 205 companies belonging to different sectors, approximately 48% of them did not have any cybersecurity policy in place.
It is undeniable every business needs a cybersecurity solution in place, but it can be difficult to know what to prioritise and the steps that need taken.
The first steps.
Testing – It is proven that most cybersecurity risks come from human error such as an employee clicking on a link they should not have or opening an attachment from an untrusted source. Cyber security awareness education is vital and compliance testing is a great way of keeping your employees up to date on the risks and the actions necessary to protect your business.
Resources – You should use all the resources available to you. Always keep up to date with your security software messages and make sure to regularly access your control logs and act on any issues or alerts your monitoring system issues. Make sure you have full visibility of what machines or software are running on your network and ensure you can identify what should not be there. Run weekly vulnerability scans and penetration tests to scan your systems for weaknesses so you can act on these weaknesses.
Many companies employ a managed services company to guide, implement, monitor and support their strategy. Find out more.
Backup strategy – Even with the best security strategy, breaches can still happen. It is essential that you are prepared for the eventuality of a breach happening. Discuss with your team how best to react to a variety of scenarios and have a mitigation plan to help your organisation deal with the damage of a breach and get back to business-as-usual as soon as possible.
It is also key to treat it as an addition to a robust cyber security defence and emergency plan.
Having a strong emergency plan in place will minimise the damage caused by a breach.
Having good online instincts is key and it’s vitally important all staff are aware of how to keep your company protected.
Top tips for online security:
- When you visit a website, you do not already know or trust, always check for “Https” in the address bar – this will let you know if your connection is secure.
- Be email aware – be cautious of messages that:
- Are from unfamiliar senders.
- Request personal or financial information.
- Are not personalised or just don’t seem quite right.
- Contain coercive, frightening or offensive material.
- Learn how to spot spoofed emails and be vigilant to them. Always check the send-from address and think twice before clicking a link within an email.
- Keep all your browsers and your operating systems updated with the latest security updates.
- Be aware of pop-ups – do not click on links or enter any personal information into them.
- Use strong passwords – you can read our blog on password security here.
If you have a company issued device or your own device, it has potential to become a security risk for you and your business.
Top tips to decrease the risk of devices:
- Do not take a company issued devices with you when travelling unless you are sure you need it.
- Back up your device data, lock your phone with extra security, use apps such as “Find my iPhone” or “Android Lost” and enable remote access to protect and preserve your information if your phone or tablet is lost or stolen.
- Only download apps from a legitimate app store.
- Choose your apps carefully – app malware is a rising and could be a serious threat.
- Clear all data before selling or disposing of your device.
- Use a VPN when connected to unfamiliar networks.
- Do not use any USB devices before checking them before hand by your IT department.