Why you should be taking your Cyber Security seriously.
Posted 23rd March 2022
One aspect of the pandemic that has been regularly overlooked is the increasingly clever tactics used by cybercriminals to access our sensitive files, data, and information. No organisation appears safe, with news already that in January 2022, the International Red Cross/Red Crescent were victims of a hack that exposed the details of 500,000 vulnerable people (many of them victims of war). If this shows us anything, it is that Cybercriminals have no boundaries when it comes to their potential targets. If they can attack an organisation that focuses on saving lives, that can attack your business too. And while an attack on a smaller company may not hold the life-or-death implications that a hack on an international human rights charity will have, the negative impact on your business has the potential to be life-changing.
At this point, you need to know how a cyberattack will affect you, so here are some valuable stats; 43% of all cyberattacks involve SMEs, 60% of SMEs go out of business within 6 months of a cyberattack, the most common types of attack in 2021 (based on UK Government statistics) were phishing attacks, and Cybercrime rose 600% during the pandemic. If you crunch those numbers, Cyber Security begins to feel far more serious.
What impact can a cyberattack have on your business?
The impacts of a cyberattack can be wide-ranging and potentially expensive. For example, a hack where someone enters your system and steals sensitive information can lead to loss of confidence and reputation and, where a GDPR breach may have occurred, a large fine.
In more extreme cases, your entire IT system could be closed down and held to ransom (again, no business is immune to this, as Acer discovered last year when they were breached by the REvil group and ended up paying a $50million ransom). Aside from having to potentially pay a ransom, take a moment to imagine how hard it would be to operate your business without any computers or documents available to you; ransomware and CRYPTOvirus attacks can leave your systems unusable.
So, there’s the potential of fines and lost earnings, and then you need to add in the cost of reactive IT support, of paying a team to come in and try to fix your system. And, if they do manage to fix it, can you trust that they’ve removed all the malicious software that may be hidden within it (some programmes are called Trojan for a reason). So, that probably means purchasing new devices, another unexpected cost. When you start thinking about it, it becomes easier to understand why so many SMEs find themselves shutting their doors within 6 months of an attack. That’s why everyone needs to take their cyber security seriously.
How to start taking your cyber security seriously
Cyber Essentials Certification
One of the first things you can do to protect your business’ IT is begin working towards Cyber Essentials certification. Cyber Essentials is a government-backed scheme that helps companies identify where their cyber security is lacking and outlines ways to close the gaps. Working towards Cyber Essentials and achieving certification is also an excellent way of proving how seriously you take cyber security (just in case you find yourself dealing with the ICO).
Running daily system backups can mean that you can still access all your important information and data if you find yourself locked out of your IT system. This at least gives you a healthy starting point to begin rebuilding your business. Ensure it has ransomware detection so your backup system can detect it in the data. Make sure a copy of the backup is ‘off net’ so that a severe attack doesn’t also encrypt all your backup data as well – trust us, we have seen this.
Improve your Endpoint Security
Endpoints are any devices that can access your system. So, for example, if you have staff laptops/workstations/tablets or phones to access company information, those devices are Endpoints. Using multiple devices for work is pretty standard, but it also makes them targets for cybercriminals. Endpoint security adds an extra layer of protection between you and the criminals.
Increase Data and Network Security
One of the best ways to keep your network and data secure is using a joined-up approach. Using a product on its own won’t protect your system, but a variety of solutions that work together well. This includes things like 24/7 system monitoring, user awareness training, and advanced Firewall and Perimeter security.
While you can never be 100% protected from a hack or data breach (in the same way that your house is never going to be 100% burglar proof), it is possible to implement solutions that can make it incredibly difficult for a potential cybercriminal to succeed.
The team at LP Networks have extensive experience in providing effective cyber security solutions to businesses of all shapes and sizes. If you’d like to speak to someone about taking your cyber security seriously, get in touch.