SAFETY AND SECURITY IN THE CYBERCRIME ERA

Gemma Bryant  

With the TalkTalk hack still fresh in business owner’s minds, cyber threat is becoming a real concern for companies of all shapes and sizes. Costing the global economy an estimated $445 billion each year, what was once an isolated intrusion is now the stuff of government policies and international co-operation. Yet within the sea of media reports, many firms remain confused about what constitutes a cyber threat and how they can protect against it. Here we look in more detail about the types of attacks which are happening and explore ways to promote cyber security.

What does a cyber attack look like?

Increased internet connectivity has generated major benefits for business by opening their doors to the world in a way which could not have been imagined even twenty years ago. The downside of this increased access is however an equivalent rise in the level of vulnerability they have to computer based or cyber attack. These attacks come in many forms from malware (viruses introduced to a company’s network which typically steal or destroy data), to phishing (information requests which redirect the user to a dummy site where data is again stolen) and malvertising (online adverts which contain malicious code which infects the company network). Ransomware is another form of cyber attack which is increasing in use. It involves a hacker stealing your information or taking over a network and then demanding money for its return. Some attackers also threaten to publicly release the information, which can have serious professional and personal consequences- a notable example being the Ashley Madison hack earlier this year.

How to guard against a cyber attack

There are a number of elements to a successful cyber security strategy. Developing an effective approach means thinking about how to prevent an attack but also having measures in place to deal with the fallout if an attack happens. Here are a few key ingredients in the recipe for securing your cyberspace:

Instigate an internal usage policy– One of the common themes within cyber attacks is that they often require someone already on the network to click on a link or attempt to access an email. This action then activates the virus or worm and allows the hacker to access the network and steal information. They are essentially therefore ‘let in’ to the network by an existing user. Now although this can be in the form of a disgruntled employee maliciously enabling access, it is far more likely to be done by a perfectly happy employee who inadvertently clicks on a link which they shouldn’t. Introducing a new internal user policy or tightening up on existing protocols should be the first and most basic step in protecting your network. Your employees need to be aware of the potential implications of their actions and should also be kept updated about current trends in scams.

Run those updates– Software updates can seem like a time-consuming distraction but they are an essential element of maintaining robust cyber protection. Ensuring updates are implemented on a regular basis across the whole network is an absolute no-brainer if you want to keep your data safe. Ignoring updates, which often contain improvements to anti-virus measures and reinforcements to firewalls, is a risky strategy.

Password practice– One of the easiest mistakes to make is to use the same password for multiple accounts. Although this means it is easy to remember, it also makes it much simpler for hackers to access a wider range of information. Most people wouldn’t consider having the same key to their house, car, business premises and maybe even a holiday retreat to be a sensible approach. Yet all too many of us regularly repeat our passwords across home and business accounts. Passwords are also often pretty easy to guess. Avoid obvious choices such as names of children, pets, maiden names etc. and ensure your employees follow this advice too.

Get specialist help– Depending on the nature and size of the business, it may be cost effective to bring in a specially trained cyber security advisor. They can conduct a root and branch review of existing systems, policies and procedures and provide guidance based on the most up to date developments in cyber safeguards. Additional protection is also available in the form of specialist cyber insurance. A range of insurance products are available which mitigate against the costs and other liabilities associated with issues such as data breach, network security, multimedia infiltration and extortion threat protection.

When it comes to cyber attacks, one thing is certain- inaction is not an option. This is a threat which will not go away and if current trends continue the scale and frequency will only escalate.  Former General Electric CEO Jack Welch once said,

“An organization’s ability to learn, and translate that learning into action rapidly, is the ultimate competitive advantage.”

In today’s cyber climate, learning how to protect your security and implementing an effective strategy as quickly as possible could be the ultimate key to securing your competitive edge.