Cybersecurity Awareness Month started in the US in 2004, but has rapidly expanded around the world as the threat of cyberattacks against businesses continues to grow in a digital age.
For me, there are four key practices every company should be looking at when it comes to safeguarding their employees, systems, and data, writes Sean Moran, MD of Itec Edge.
Protect your email
According to the Mimecast State of Email Security 2022 report, a ransomware attack targeting corporate emails occurs every two seconds. With the cost of these attacks expected to reach $265 billion by 2031, email is one of the most common platforms cybercriminals can use to gain access to the company network.
Malicious users exploit the sheer number of emails people receive daily to perpetrate advanced phishing attacks. It only takes one employee opening a malicious attachment to infect the entire network, potentially resulting in credential theft, fraudulent payments, and ransomware bringing a company to its knees.
Using a comprehensive email security solution can greatly reduce the risk of compromise. However, the right software and hardware provide just additional layers of defence. It comes down to employee education.
Train your employees
Which brings me to the next tip. The human element is the biggest cause of data breaches today. Of course, people do not intentionally put their companies at risk. However, cyber attackers have become more sophisticated and even the best of us can be tricked.
A Sophos Ransomware report cites ongoing staff education as a crucial weapon in the fight against cyberattacks. Poor password handling, insecure software, and a lack of knowledge of potential threats and best practices greatly contribute to the weakening of a company’s cybersecurity posture.
Training provides a great way to minimise the risk of human error by keeping staff continually informed of the correct actions to take when spotting a suspicious email or even SMS.
Keep your endpoints safe
The Fortinet Global Threat Landscape Report has discovered 72 Zero Day vulnerabilities (a vulnerability that has been disclosed but not yet patched) for the first half of this year alone. This will likely continue to increase as hackers look to exploit compromises on the variety of endpoints which employees use in today’s hybrid working environment.
To protect themselves against these threats, companies should adopt solutions designed to secure their endpoints. From vulnerability and patching to anti-exploit technologies are all crucial in the ongoing fight against the relentless wave of attacks faced by companies of all sizes regardless of industry sector.
Strengthen your ransomware protection
There is no getting around the fact that ransomware attacks are on the increase. According to the Sophos State of Ransomware in Financial Services 2022 report, 55% of financial services companies were hit by ransomware last year, up from 34% in 2020. Even so, financial services companies experience the lowest number of attacks when compared to other sectors.
One of the reasons for this is that these organisations proactively hunt for threats to identify them before they can execute an attack. This is where a specialist MDR (managed detection and response) cybersecurity service becomes imperative. Also, companies must make backups and practice restoring from them should the worst happens.
These tips are just a small part of what you need to do to harden your organisational cyber defences. They are the critical building blocks in an increasingly sophisticated environment to help create safer business infrastructure.