Today, 25% of all crime is cyber-related. With the list of IT concerns ever growing and becoming more sophisticated with each day, an unprotected business is a sitting duck. It’s vital that all organizations practice basic cyber ‘hygiene’ and implement and follow best practices – your employees, customers, and business longevity all depend upon it.
Today, 25% of all crime is cyber-related.
Here are six simple steps to strengthen your cybersecurity and safeguard against fraud, ransomware and other cyberthreats coming your way:
6 steps for cyber security
- Educate and test your employees.
My number one piece of advice when it comes to cybersecurity, is to educate employees. Research shows that 91% of all cyber-attacks begin with a phishing email and 32% of successful breaches involve the use of phishing techniques. This means your employees are the first line of defense against hackers. Train and test employees on exactly what to look for and how to react if they encounter suspicious activity. That could be a malicious email link, PDF file or a website link. Read more about the top three cyberattack tactics against financial institutions, here.
- Back up critical data.
One of the fastest growing cyber threats is ransomware. With this tactic, hackers capture your data and hold it “ransom” until payments or other demands are met. The best defense against ransomware attacks? Storing up-to-date, clean backups that you can quickly and easily restore without being at the mercy of the hacker. Follow the gold standard 3-2-1 strategy and ensure you have three copies of important data, store the copies on two different storage media and keep one copy offsite.
- Test your security controls.
Can your system be broken into? Is your data secure? The best way to find out is to run a system test, or what we call, a penetration test. This will help identify vulnerabilities that need to be addressed and tell you whether your security program can stand against cyber threats.
- Update your system.
One of the easiest things you can do is simply stay up to date with system and software updates. Updates often include patches and fixes for known vulnerabilities and security threats. So updating helps to protect from potential security breaches, hacking attempts and data breaches.
- Plan for damage control.
When security breaches or cyber-attacks occur, time is precious. And even with the best defenses, the worst can happen. If your data and credentials are stolen, you will need to stop the damage as quickly as you can, find out how the hackers got in, shut off their access and plot a recovery plan. Work with your IT department or a third-party advisor to develop an incident response management plan to address these issues.
- Evaluate third-party risk.
Finally, as if there aren’t enough risks within our own systems, you need to ensure that vendors are keeping up with cybersecurity and protecting their systems at the risk of your reputation. An infamous example is the Target breach where cybercriminals notoriously broke in through their HVAC vendor.
Bottom line
Cybersecurity is no longer just an IT department problem. This should be top of mind for employees across the entire organization. Make sure you have strong enough technology budget to protect your business, clients, and reputation.
Unsure of your current vulnerabilities? Contact a Pinion advisor to request a thorough IT evaluation of your business, and implement strategies to mitigate cybersecurity risks and ensure resiliency.