Blog - 10 tips to reduce the risk of cyberattacks for your business | ACM

Blog Details

image

10 tips to reduce the risk of cyberattacks for your business

In 2018, an estimation of 1.5 million records had been disclosed. A recent report by a US-based cyber-security firm showed that as many as 96 percent of organizations in Singapore have had at least one breach in the past 12 months due to external cyber-attacks.



The rise is forecast to carry on in 2020 making cybersecurity as significant as ever. If you are unsure whether your business has enough protection, here are the 10 tips to reduce the risk of cyberattacks for your business.


1: Create Strong & Different Password

Weak passwords or same passwords across different accounts will put your business in danger.

Does your company have a password policy? Weak passwords are a hackers dream as most of the password hacking is now automated which is easy to crack them.

Likewise for using the identical passwords across multiple accounts, getting breached of one account would give the hacker an opportunity to access to all your accounts.

Train your staff on setting strong passwords and the importance of regularly updating them. Using a password manager is one of the easy method to manage lots of unique, complex passwords.


2: Provide cybersecurity training to your staff

According to an IBM Security report conducted by Ponemon Institute, "Inadvertent" breaches brought about by human error and system glitches accounted for 49% of data breaches, which estimated that human errors alone cost companies $3.5 million. Train your staff on the latest hacking and how to deal with phishing emails so threats are unlikely to fall victim to hackers.

Cybercrime is very productive at the moment so the sophistication of cyber-attacks and social engineering is constantly improving. So a good security advice 6 months ago might not be valid today. Staff training can't just be a one-time thing, instead, it is necessary to be a continuous activity.


3: Have Cyber-security policies

After training your staff on cybersecurity best practices, it's time to put a cybersecurity policy in place for your business, this will help when inducting new members of staff to the business as well as maintaining security commitment across the whole of the business. As human error is one of the largest factors in cyberattacks, one click of a malicious link can undo all the good work done by virus firewalls and protection.


4: Have Data control policies

You should have already done work on this because of GDPR. Data control policies ensures only authorized personnel could access to certain data.

Locking down access to your data is a big step to keeping it well protected. By restricting the amount of people who have access to it will give hackers lesser access points they can target.

Data control ensure that any data on that device can no longer be accessed if a company laptop gets lost or stolen. Not having data control policies in your business can be hard to determine what security vulnerabilities you actually have.


5: Have an IT security budget

Even a modest investment in security training has a 72% of reducing the impact of cyberattacks. We are living in a world where the threat of cyberattack isn't going away. Therefore it is essential for a business to take that threat seriously which will be required in spending some money.

There are other areas of investment that can help your business such as using anti-virus software or updating firewalls. You might want to consider outsourcing your cybersecurity completely. All of these are good options but they do come with a cost.

Considering that cost, compared to getting a data breach, it is so much better to invest more in prevention rather than losing a lump sum of funds to the cybercriminals. 60% of small organization ceases to exist after a data breach. All of the sudden expert help or training doesn't seem that expensive.


6: Use a new instead of old operating system

An operating system is the software that manages the hardware and software on your device such as Android on your phone and Windows on your PC. They all come with security updates that will fix any vulnerabilities that have been previously exploited by hackers.

If you are using an outdated operating system then you will no longer be getting those security updates. If that device is connected to your network then your whole business is exposed to attack.

The biggest example of an outdated operating system is the now end of life Windows 7. Any business that is still using Windows 7 will now become exposed to hackers because there are no more security updates that are no longer plugging the holes they have exploited.


7: Encourage your staff to use their own devices

There are many benefits of staff using their own devices but you have to address the security concerns that come with it. Staff using their own devices makes it more difficult to track what operating systems have access to your network. Also, each device is likely to have different levels of security in place.

Keeping track of data is another concern with staff devices. It's best to keep your sensitive data in the cloud so it can be accessed but not stored on staff devices. However, do keep in mind on the devices you give your network access to as they might already be infected and connecting them to your network will then infect your whole business.

Therefore, while allowing employees to use their own devices can bring plenty of benefits, it's crucial to handle the process with documentation and training in place to help staff work safely.


8: Update your anti-virus software

Cybercriminals are constantly evolving the viruses and malware they use. As hackers evolve security updates are needed to fix the vulnerabilities being attacked which is why it is so important to keep your anti-virus software up to date.

Security right now is a continuous battle between the providers and the criminals. As the criminals work on new ways to exploit vulnerabilities in a product the providers have to create and install fixes to cover those gaps.

Consult your IT support provider to ensure you have the right anti-virus software in place and it is constantly updated.


9: Check on Former employee's access

Depending on the size of your business you might not have a clear process for managing the technology of former employees. It might not seem to be a priority to change passwords or to remove their access but it's vital to your security.

Some employees can leave on bad terms and they can cause a lot of trouble if they still have access to your data. But there might be a chance that they could simply forget about the ex-company's details stored on their device. Cybercriminals can still have access to your data if their device gets hacked or stolen and if those login details are still valid.


10: Don't neglect cybercriminals based on business size

Cybercriminals don't just target the big companies. Because smaller organizations tend to have insufficient time or resources to properly protect themselves and they become easy targets. For those that still think it is fine to neglect cybersecurity because they are too small to be a target, the cyberattack is just around the corner.

Apathy might be a company's biggest vulnerability when it comes to cybersecurity. You are never too small to be targeted. You have never done enough to be safe and if you think it can't happen to your business then you're wrong.

Conclusion

Cyberattacks are not getting away. In fact, they continue to rise in number. It's difficult for any company to be 100% secure but there is many prevention measures you can do to better protect your business. If you have any enquires on how your business can prevent from cyber-attack, feel free to contact us by email: info@achievement.com.sg, or call us at 6295 5962