Recent years have seen a dramatic increase in the number of ransomware attacks affecting businesses, with more than 700,000 ransomware attempts being recorded in a single year alone. Ransomware attacks can freeze entire systems, prevent operational continuity and cost a significant sum. In addition to downtime costs, it is estimated that victims have paid over £150 million to cyber criminals!
So how can you protect your business from falling victim?
It is true to say that there is no such thing as 100% security as the threat landscape is dynamic and fast-paced. However, the implementation of a multi-layered security strategy will reduce the risk of your business falling victim to cyber-crime. Whilst protecting against ransomware is advised, there are a whole host of methods that cyber criminals use to achieve their goals. The good news is that most security measures provide some level of protection against other types of attack too, not just ransomware.
1. Employee Education
This is a key element of any cyber security strategy, with many cyber criminals preying on the naivety of employees to steal information, transfer money or gain access to systems.
Cyber risk managers worldwide agree that people are the weakest link when it comes to an organisation’s exposure to malware – and hackers use social engineering tactics to exploit the people problem. Stepping all employees through new-school security awareness training is an absolute must to protect your network. Users become your last line of defence and your essential, additional security layer: an effective human firewall. Also, by introducing a cyber-security training program, you incorporate security into the company culture and reduce the risks long-term.
2. Backup critical business data
Backing up critical business data has multiple benefits, including the speedy recovery of such data in the event of a cyber-attack. This allows your business to continue operating and prevents a significant loss of revenue due to downtime. Although the implementation of a backup solution involves investment in hardware or services, the sum is likely to be much less than the cost of a cyber-attack, or other disaster.
3. Implement basic cyber security measures
All businesses should ensure that basic cyber security measures such as a firewall, anti-virus, anti-malware and up-to-date patching are in place. The Cyber Essentials certification is a great place to start in implementing cyber security measures.
4. Controlling removable media access
Removable storage such as USB pen drives, mobile phones and external hard disks are a common way for malware and viruses to spread and affect entire networks. Malware can lay dormant and undetected on a device for months. If a user connects an infected device to your network, there is good chance of the malware spreading. Consider your policies and procedures and look to limit the devices that can be connected to your business network to reduce the risks.
5. Consider cyber security insurance
Should your business fall victim to cyber-crime, cyber insurance could be helpful for small and medium businesses in particular. A team of lawyers and advisors can help your business to respond as effectively and quickly as possible to the attack, depending on your individual circumstances.
Eventura have a team of cyber security experts able to help businesses improve their cyber security practices. The team advocates a model of prevent, detect, respond and recover. How this model could work for you depends on your business and risk appetite. To discuss your current security solutions and how you can plan for the future, please do not hesitate to contact us.