It's been said that cybercrime will cost around $6 trillion per year on average through 2021. The true cost of cybercrime is almost unmeasurable though. The direct cost of a security breach is only one number, the damage to shareholder and investor perception is another. That being said, there are ways to protect yourself and your business.
1. Focus on the basics first
It’s not just big, techy/code things you need to focus on, leave that to the IT dept. There are plenty of small things that really help. Make sure each member of your team has passwords that are strong and long, and encryption is being used at all times. Do you have a dedicated response team ready to deal with attacks? If not – set one up. Have fun with it too. Imagine you and your team are criminals and try to hack into your own business – identify vulnerabilities and then fix them.
2. Educate yourself and your employees
Take the time to teach employees:
· How cyber-attacks operate
· How to react in case of a cyber attack
Hiring a risk management IT service speaker for a one day seminar is relatively inexpensive but will pay for itself very quickly, and give you piece of mind that you are on the right track security wise.
3. Always update your software
I remember a few years back with my Mac. I didn’t update for over five years! They took some functionality out of my iTunes and I was livid. Spite: not an ideal trait to have in IT. Keeping all your software up to date plugs holes and leaves fewer weaknesses for hackers to get in. Update patches and fixes as they become available. Hackers are sophisticated individuals though, so you may never be safe from all harm, but when you have at least 3 multiple layers of security controls:
· Intrusion prevention system (IPS)
· Intrusion defence system (IDS)
You’ll have a better defence against any sort of attack that comes your way.
4. Stick to your policies
So, you’ve done steps 1, 2 and 3, now you have to make sure everybody sticks to the plan.
· What is your protocol if a team member loses a company device?
· What is your BYOD policy?
· What is your Wi-Fi best practice policy?
· What is your social media policy?
· Who has user privileges - for which files?
Make firm policies and stick to them.
5. Perform audit checks to ensure policies are being followed
Step 5 is audit. It’s all very well to do the steps once, but it’s imperative to check in and see things are getting done consistently. If you are running a monthly audit of your systems, you’ll be more agile and able to respond to attacks.
Do you have a cyber security system in place? Let us know how you implement it.