You may have never experienced a cyber-attack, but the chances of you experiencing one are increasing as the amount of malware being produced is rising. A report from Panda Security revealed that 230,000 new malware samples are produced every day and that this is predicted to keep growing.
Businesses are becoming more reliant on technology and with that comes a higher risk. All it takes is one small mistake and a hacker is exposed to your all-important data. Cyber-security is understandably ever-changing but by recognising the mistakes you and your business could be making, it may prevent a devastating attack and give you peace of mind.
Many businesses and homes have alarms to prevent them from intruders, so why shouldn’t businesses have the same prevention when it comes to cyber-security?
With all this in mind, what are the common mistakes you could be making?
Assuming you aren’t a target
Anyone and everyone with data is a target! Assuming you aren’t one and thinking it won’t happen to you will only put you at more of a risk. This mindset is so important because it impacts all of the decisions you make around cyber-security.
Are you a SME? Or do you think your data wouldn’t be valuable enough to an attacker? Data comes in all shapes and sizes, and hackers aren’t picky with what they can get their hands on.
We are less likely to hear about the attacks on smaller businesses because fewer people may have been impacted rather than the people of a larger organisation such as the NHS. This is often why people fall into the trap of assuming they aren’t a target.
Take action, don’t ignore the issue and find the time to familiarise yourself with cyber-security measures. Waiting until it’s too late could hugely impact your business. Why not start by reading our FREE Cyber Security White Paper? >>
Seeing cyber-security as an IT issue
Cyber-security is not just an IT issue, it is an issue of a business as a whole. Take the time to educate and train your employee’s about cyber-attacks and the ways they can help prevent attacks. After all, an attack isn’t going to just impact your customers and business but it will impact your employees as well.
There are many ways you can train your employees and it is important not to fall into the trap of a tedious PowerPoint presentation. Liven it up and get your employees interacting with each other to make it memorable and they may be more likely to stick to the rules. You could also create an incentive offering rewards to help with this.
If you have informed and made your employee’s aware of the dangers of poor cyber-security, they may be less likely to make mistakes. They then may have a better attitude towards cyber-security best practises and enforcing them.
As discussed above the training of your employees is paramount. Weak and vulnerable passwords are one of the most common mistakes many businesses employees make which enables hackers to perform an attack.
We understand that passwords can be hard to remember and time consuming to type when including symbols and numbers, especially if you follow instructions to make them ‘strong’ and hard for hackers to guess. However, you can risk losing a lot more than your patience.
Research has shown that many people use their birthdays, the names of their pets, family members or other common passwords such as ‘12345678’ which can be associated with you quickly and easily. Building on this, estimates have shown that a good hacker can break two-thirds of all passwords in existence today.
Do you store your passwords on a sticky note in your desk? Or on a spreadsheet?
No matter how strong your password is, where you store it and other passwords could jeopardise this! Use a good password manager such as LastPass to make life easier and prevent them being discovered. A password manager stores your passwords in an encrypted database and helps you to generate and protect these passwords, therefore, you will only need to remember one master password.
Poor system and network administration
Is your software completely updated? Do you have a competent system?
Cyber-attackers can often be discouraged when businesses have taken the time to make sure their systems are updated, leaving no doors open for hackers to gain access to their data.
One user’s problems could affected everyone on that network. Typical prevention measures when it comes to your network could be restricting access to the network infrastructure to authorised personnel only, data encryption systems for sensitive data and training staff in safe and secure use of the equipment.
Regular maintenance on your systems and networks will keep things running smoothly and most importantly help keep the hackers away!
Falling for phishing attacks
You may think that you won’t fall for one, but huge amounts of employees fall for phishing attacks every day and are one of the main reasons for cyber-attacks. Phishing is a method hackers use to gain access to data through deceptive emails. An investigations report in 2018 from Verizon Data Breach showed that 30% of phishing messages are opened by targeted users, and 12% of those users click on the malicious attachment or link.
You receive an email from an address you don’t recognise, what do you do?
Many people may think this is an obvious question, but as you can see from the statistics above people still fall for them! Think about what emails you are opening.
Phishing attacks can also come from addresses of people you do know, for example an urgent payment request from your CEO. A method called email spoofing is often used in this situation where hackers forge an email header so that the email appears to have originated from somewhere other than the actual source. This is because people are far more likely to open an email from a source they recognise. Checking the email address not just the display name, looking for the header and checking the ‘received field’ are just a few ways you can see if the email you are being sent is spoofed, therefore helping to prevent a phishing attack.
It is a businesses responsibility to educate their employees and customers on phishing attacks and how to detect them. By doing such practices you will automatically improve your cyber-security.
What we can learn from this
Human-error as a whole is one of the key things that causes cyber-attacks in businesses, in fact 90% of cyber-attacks are caused by human error or behaviour. By correcting the mistakes you could be making you may be able to help prevent your business from a cyber-attack. Don’t wait for one to happen!
As a company that values and takes their cyber-security very seriously, we urge you to educate yourself and your business on cyber-security and the mistakes you could be making. You never know when your data could be breached.