Hacked Again!

Not a single week goes by without some breaking news on some organization getting hacked, having their data stolen and then leaking it out to the internet.

Theses large organizations lose millions whenever a breach happens , the chances of a small business surviving a cyber attack are slim to none for they do have the deep pockets of the large organizations.

Big names like Deloitte,Verizon,Sony and Central Bank of India all getting hacked, leaves one wondering, “if the big names can get hacked then what about a small business ?”. Preventing a cyber security incident is easier than it looks and these are the five best ways to protect your business from hackers.

1.Understanding your Threats

There is a full Cyber War going on right now, the war is between hackers and organizations. The hackers want to steal organizational data for their own financial gain while the organizations are trying to prevent this data loss.

Knowing what your threats are, where they come from,and what they are after can only come from understanding your weaknesses as a business. The Business must understand what are the business critical data and what is not, it must determine whether the threat is likely to come from an insider or an outsider.

To know thy enemy is to know thyself, business should consider a Cyber-risk audit to understand their security stance.

2. Encryption

What they cant read they cant use! Having your business get used to idea of encryption may seem like a hassle but it is worth it, for some reason businesses think that encryption is bad for them or it slows down systems.

This is not the case, encryption can be automated and seamless, documents remain encrypted unless the correct password is entered. Full disk encryption ensures that the whole disk is encrypted rendering useless to hackers.

3.Physical Security

Most business that have data rooms or a server have not been properly secured, the data rooms either do not have access control or the servers themselves do not have locks on them. Physical access is a major cause of data loss, easy to access data cables can be tapped into and unsecure USB ports can be abused.

Business need use physical deterrents such as access control locks for server rooms, actual locks and steel cable for hardware. Having these physicals controls in place deters would be attackers and reduces your companies cyber risk!

4.Backup Back Up

Any one whos has ever lost data due to a computer crashing knows how frustrating it can be not have back ups, now imagine a business that doesn’t have backups and falls victim to hardware failure. That business would come to a standstill and they would resort back to paper and pen!

Having a backup policy is the only way to mitigate this type of cyber risk, having frequent, up to date and offsite backup is critical for business continuity. In Fact the best way to mitigate the nightmare ransomware attacks is to have clean back-up of your data.

“Some people in business believe that if you spend alot of money on new technology then your risk of being hacked is significantly reduced-THIS IS A LIE !”

5.Cyber Security Culture

Having a cyber security culture in the organization is the most effective and efficient way to mitigate cyber risk in any business. Employees need to have good “Cyber Habits” instilled in them until it becomes second nature, the way to achieve this is to have Cybersecurity Policies that are in line with your business.

Dependence on “Expensive Shiny Tech ” didn’t save Sony, Deloitte nor Verizon from hackers, the common factor in these attacks was a lack of cyber aware culture. Employees must not access personal emails at work, they must not bring unauthorized devices to work, such habits could have saved them millions.

Cyber habits can be instilled by having a clear and easy to understand internet use policy, BYOD policy and other policies, employees must know what is allowed,what is not and the consequences of not following the policy, policies must also be enforced.

Employees must be constantly reminded of the emerging cyber threats and how to mitigate them, this can be achieved through quarterly training and informative posters that remind employees of the ever changing Cyber threat.

As a business owner, cybersecurity is never on one’s mind until it’s too late.With the statistics showing that small and medium size businesses struggle to recover from major cyber attacks, it’s good to know that these 5 simple tips will help lower the effect of one.