Four Simple Cybersecurity Fundamentals — Cynexlink
You hear statistics like this all the time: last year, the cost of the average data breach was $3.86 Million. Furthermore, by the end of 2021, worldwide cybercrime costs will hit $6 trillion annually.
Both figures are true but seem so large they’re actually hard to relate to. That said, we can say from experiencing panicked inbound calls from prospective clients who have been hit by ransomware: hackers target businesses of all sizes.
Why? It’s just a numbers game. The evidence shows that 95% of cybersecurity breaches are caused by human error so they probe and they probe looking for the easiest prey, usually through some form of email scam.
Hit a small business for five grand here, a larger one for $150k there… pretty soon you’re talking about real money, as the saying goes.
Because most cybersecurity breaches happen due to an organization’s own negligence or carelessness, be sure you are following these tips — at minimum — to protect your data from cybersecurity attacks:
1. Keep Your Tools Updated
It is imperative to always install security/antivirus/anti-malware software on your system. It is all the more important to install software updates for your applications, programs, and operative system. The best way to stay updated is to have IT experts like us manage patches and system updates, white labeling them and ensuring they work as intended before installing. If you don’t have such IT support, however, then turn on automatic updates whenever possible. Also, make sure to keep browser plug-ins up to date and use safe web browsers that get automatic and frequent security updates such as Firefox and Chrome.
2. Password Management
It’s convenient and easy to use the same password across all your subscriptions. Unfortunately, it is also convenient for the hacker to steal your data — breach one system and they’ve breached them all. A password manager generates unique, encrypted passwords for each of your logins and enters credentials automatically. Tools like Keeper and LastPass are such simple and elegant solutions, we can’t understand why everyone doesn’t use them.
3. Learn to Spot Suspicious Emails
Most understand the need to be vigilant and suspicious of any official-looking email that demands bank details or other personal information. To help employees learn how to avoid and report such emails and calls immediately, companies should strongly consider ongoing anti-phishing training. Since email remains the primary threat vector, this inexpensive solution offers perhaps the greatest ROI of all cybersecurity investments.
4. Never Leave Devices Unattended
Physical security is as important for your network as technical security. When in public settings, encourage employees to lock their devices by before leaving them even for a short period of time. Also, create org-wide screen timeout defaults, lock your server room and provide employees with lockable desk drawers as well. Good cybersecurity requires a cultural focus.
Cybersecurity does not refer to any single solution (anti-virus, firewall, etc.), it is achieved through layers of protection that are meant to frustrate cyber criminals and encourage them to go elsewhere.
While there are many more complex tools and solutions that help protect larger organizations, businesses of all sizes should be practicing the core fundamentals outlined above if they want to avoid becoming one of the statistics.