Given that this is National Cybersecurity Awareness Month (NCSAM), October is a good time for small and mid-size business owners and their IT teams to evaluate the security of their networks, especially given today’s rapidly changing business environment. One small hole in network protection and your company could be susceptible to a cyber-attack that can cost considerable financial resources as well as do harm to your company’s reputation.
While attacks on Fortune 100 companies and government agencies grab the headlines, it’s important to note that cyber criminals don’t play favorites. That’s especially true when you consider 43% of small businesses will be infiltrated by cyber criminals in 2019, according to Verizon.
Before we get started, though, it’s important to note that while October highlights cybersecurity, companies need to stay on top of network protection every day. After all, cyber criminals are working 24/7/365, making it a constant threat for all businesses. So, the tips we are about to provide can protect you all year.
1. Understand Cybersecurity Language
To gauge the best solution and cybersecurity partner, it is essential for business leaders to understand the means in which cyber criminals attack companies of all sizes. This will aid in evaluating the best cybersecurity providers and select the one that best suits your needs. Here are some key terms to become familiar:
Malware – The term is used for malicious software and covers a wide array of attacks, from trojan horses to ransomware. Understanding the “weapons” used in a cyber-attack will help select the most effective protection plan. The best prevention against malware, though is to properly train employees to stay away from any email, website or text that seems unprofessional.
Advanced Persistent Threat (APT) – A multi-phased stealth attack that uses multiple techniques and vectors to give cyber criminals control over target systems. Traditional defenses (firewalls, antivirus, etc.) aren’t enough. Business need to work with their cybersecurity partner to develop a comprehensive strategy to constantly monitor networks and security controls.
Keylogging – This malicious software tracks the keys struck to collect account information, user names, passwords, and other private data. A simple way to prevent a keylogger from accessing your business accounts is to frequently change your password. Another, more secure way is to install a password manager to generate and track a random, nearly un-hackable password.
2. Keep Security Software and OS Current
With the ever-looming threat of a cyber-attack, keeping your network servers, computers, and operating systems (OS) up-to-date is vital. Investing in security software is not enough; regular maintenance must be conducted.
If one employee’s computer is hacked, it serves as an entry for cyber criminals to access the entire network and gain access to valuable data. Here are some tips to keep security software current to protect your network from the latest threats.
- Ensure your IT team is aware of the most common ways businesses are attacked, including ransomware attacks, “drive by” infections, and spear.
- Update all software and computer operating systems (OS) once a month.
- Set all employee computers to “auto-update” to never miss an update, so your company is less vulnerable to attack.
- Send an email to all employees to emphasize the importance of updates and security.
3. Select the Right Cybersecurity Partner
Picking the right cybersecurity provider is dependent upon the type of network security that will work best for your business. Establish and agree to clear goals with your cybersecurity partner to protect your business from malware and other viruses.
For example, Techwerxe will supply an IT roadmap that will list goals and what technology and software will be needed to achieve them. Techwerxe also offers onsite support, working with your employees to ensure that proper computer protocol is understood and followed.
Selecting the correct provider isn’t enough. For it to be a wise investment, business owners and management must communicate with employees so they understand the importance of cybersecurity. Here are some tips to achieve that goal:
- Conduct a workgroup/seminar whereby a guest IT consultant speaks to all employees (including management) on the potential dangers of not adhering to cybersecurity best practices.
- Explain long- and short-term goals to create a sense of protection.
- Have a shared vision of cybersecurity – technology, processes, and responsibilities.
- Educate employees on healthy Internet practices and trending phishing and malware attacks.
Make sure employees remains vigilant about cybersecurity because over half of all attacks will be waged from the inside by malicious company insiders and inadvertent actors.
4. Prepare for the Worst
If you realize cyber criminals have accessed your network, it doesn’t mean all hope is lost, if you act quickly. The methods described below can help your company survive a network breach.
- Backup all data every other week, if possible, to the cloud or different services. This will allow your business to recover most – if not all – your data.
- Set aside financial resources, so if your network is infected with malware you can purchase resources to remove it, as well as necessary new equipment.
- Update passwords and encryption codes regularly to avoid former employees from abusing administrative power.
- Invest in cyber insurance (more on this below).
As the face and leader of your company, corporate management will set the mood for all employees. Remain calm and follow the steps above, if your company falls prey. Remember to stay in communication with your cybersecurity and IT teams, as their guidance will often be enough to regain lost data and prevent future attacks.
5. Cyber Insurance
As an owner of a small or mid-size company, you want to make sure you are prepared for every eventuality. With that mindset, cyber insurance is something business should invest in to protect themselves. The cost of this insurance can range from $1,000-$7,500. Like any insurance, do due diligence to select the best policy for your needs.
After carefully following the steps provided, your business is prepared to thwart cyber criminals. TechWerxe experts implement these steps for your company, helping to protect your company, employees, and data from attack. Please feel free to contact us.