As with many things in life, cyber security prevention is always a better option than taking a risk and deciding to deal with the fallout when you become the victim of an attack. And it absolutely is a case of when, not if, an attack happens.
It is easy to assume that you will not become a victim of a cyber attack if you have not experienced any problems in the past, but you are a target regardless of the type or size of the organisation/business you work in.
Don’t assume your organisation or job is not important or relevant enough for cyber criminals to be interested in you. Everyone and anyone who has a computer account, online presence, or even bank account for business, personal or both is a potential target.
Statistics from the Cyber Security Breaches Survey 2016 found that 65% of large firms detected a cyber security breach or attack in the year leading up to the publication of the survey. And you must remember that these figure are only for companies who actually reported their breaches to the correct channels.
The threat from cyber and online attacks is increasing all the time, with hackers and cyber criminals finding innovative new ways to target organisations and individuals.
According to a report released yesterday by the NCSC and NCA,
“The cyber threat to UK business is significant and growing. In the three months since the NCSC was created, the UK has been hit by 188 high-level attacks, which were serious enough to warrant NCSC involvement, and countless lower level ones.”
Many organisations, large and small, can find that even setting the most basic defences and safeguards to protect their assets and data can be difficult to implement, both at a board level and amongst staff.
There are a number a simple steps which are essential in setting the groundwork for a secure organisation, including;
- Ensuring there is clear guidance for all staff within the organisation to set strong passwords which are changed regularly;
- Sending regular and updated patches for all computers within the network, especially for firewalls – setting automatic updates on a certain day or time is a good idea to ensure everyone is up to date;
- Making sure staff are aware of the potential threats and implications of their actions online and providing training where possible on best practice e.g. not clicking links or opening attachments from unknown or unexpected emails;
- Having a regular back-up system in place for all data and systems;
- Having clear, consistent and updated online and cyber processes in place that the whole organisation must stick to;
- Understanding what your vulnerabilities are and making regular and pro-active improvements .
There are also a variety products and services which can enhance your ability to prevent attacks to your organisation, including:
- Managed Firewall. This is the first crucial layer of protection against cyber-attacks. It offers powerful protection against viruses and malware for your whole network.
- Phishing Simulation and Training. This provides you with analytics on the vulnerability of your staff and users to phishing emails and offers essential training on information security.
- Cyber Security Monitoring. This acts like a burglar alarm for possible hostile traffic or attacks that have dodged the network firewall.