7 Tips to Keep Cyber-Criminals Out While COVID-19 Keeps You In
It is the end of August 2020. As of today, we have been living under one of many versions of a lock-down across the Country. We have had to adapt to working remotely, learn how to use Zoom, Teams, and Skype to stay connected to our clients and co-workers, implement security mechanisms to protect our sensitive data from unwanted visitors, etc.
Major events like the COVID-19 pandemic create new opportunities for cyber-criminals to gain access to business valuable and critical information. We all have seen an increase in e-mails being sent by unknown users asking for us to “click” on a link or reply to the e-mail. These are invitations for us to submit the information the bad guys need to access our information.
There are many ways for breaches of data and networks to happen. 43.8% of breaches are the result of Phishing; 30.5% the result of stolen credentials, 8.57% are due to hacking, with ransomware, malware, and others rounding the list.
Although each form of attack has different characteristics, they have one commonality, i.e. they all require an action from the user, i.e. us! For this reason, we need to focus our attention on making every member of our business and/or organization aware of how breaches occur; this can be done through training provided in the course of regular staff meetings. Consider the following training tips:
1. Think twice before clicking links – train your employees to be on the lookout for suspicious links that can lead to ransomware.
2. Be suspicious of unexpected attachments – ensure your users only open attachments from proven and trusted sources no matter how “official” that e-mail and attachment may look.
3. Protect passwords – Since 80% of the cyber-security breaches are the result of password practices, encourage employees to use stronger passwords, avoid writing them on sticky notes, and implement the use of password managers.
4. Beware of strange networks – make employees aware of the dangers of logging in from insecure public and home WiFi networks and how to use them safely.
5. If possible, implement and use two-factor authentication – an extra layer of security which ensures only approved users gain access to your systems and data.
6. Keep an eye on the bad guys – monitor the Dark Web for compromised company data so that a problem can be addressed before it becomes a crisis.
7. Stay current on threats – work with your IT services provider to stay on top of today’s challenges.
Another thing to keep in mind is the possibility of buying Cyber-security liability insurance. It is well documented that Cyber-attacks put 60% of SMBs out of business. In addition, new privacy legislation is driving cyber insurance mandates. Unfortunately, the high cost and complexity of cyber policies results in only 34% of businesses planning on spending more on cyber insurance even though 54% of businesses believe a cyber-attack or data breach is inevitable!
There is nothing businesses can do to absolutely guarantee that a cyber-attack will not happen to them. However, the tips provided here can help reduce the possibility.