Who in your business is responsible for protecting your data? Is it your IT team? Your Data Protection Officer? Your Chief Information Officer? The vast majority of us believe data protection is a duty we must all participate in, whether it’s business data or customer data. The unique circumstances that have led to more people working from home have also led to increasing risks, both when logging into your company’s systems to work remotely and when reading email correspondence. There has been a rapid increase in the number of phishing emails, scams and cyberattacks in general.
1. Control Application and Data Access
When it comes to cybersecurity, access control is one of the more integral components, as it allows those responsible for securing the data to dictate who within the company has access to it. A hacker needs to compromise only one system within a network, from which they can gain full access to the corporate network. This is why strict controls need to be put in place, and this goes for confidential and sensitive information, like customer data, as well.
Every access point within a network presents a new risk, which is why employee access should be limited solely to the job at hand. With the implementation of strict access control measures, like MFA (multi-factor authentication), organisations can rest assured that people are who they present themselves to be, as this prevents any unauthorised access to logical or physical systems. Having an IT asset inventory is an excellent way to ensure all the correct control measures are where they should be.
2. Watering-Holes
Watering-hole attacks, though far from the most common type of cyberattack, entail cybercriminals targeting certain businesses or individuals that either visit the same websites or have similar interests. Their next course of action is to infect one of those sites. The objective is to compromise all systems within the group by infecting one, the idea being that the infected user will interact with the other individuals and inadvertently spread the virus.
Similar to phishing attacks, watering-hole attacks use some form of social engineering. Since small businesses, individuals or members of a particular group are likely to have a certain level of trust in each other’s choice of website, they see little reason not to visit them, and end up downloading the malicious file to their device in the process.
3. Drive-By Downloads
A drive-by download attack occurs when a piece of software is downloaded to the end user’s system, unbeknown to them. In many instances this software will likely be infected; however, there are instances when the software is designed to do one of the following:
- Use security vulnerabilities to hijack the target machine.
- Inundate the system with more files and programs in order to render it inoperable.
- Gain access to the system for the sole purpose of spying on user activity, recording keystrokes and saving passwords.
Drive-by downloads are more likely to occur on operating systems that haven’t been updated in a while, which is why it’s important to keep your systems constantly updated.
4. Backup Your Data
To begin with, you’ll want to identify the data that you want to back up. This is basically the data that the company needs in order to operate. Data can become corrupted with time, which is why it’s important you have everything backed up.
Cyberattacks today are too numerous to count, and they are only growing in number while becoming more sophisticated. Trojans and viruses are capable of stealing your data and, in more extreme cases, erasing it too. Ransomware attacks are designed to encrypt your data. Having backups of all your data means you can quickly restore everything in the event of an attack, which in turn allows the business to operate as normal, with minimal disruption or downtime.
Backing up your data on the same storage device where the original data is saved is not without its own risks. Most backup software won’t even let you do this nowadays; however, if yours does, it’s very important that you keep everything separate. There are many different storage options available, including external hard drives, USB sticks and cloud storage. You want your backups to be in a different location from the original data files. This is made much simpler if you opt to use cloud storage or an off-site server. The more locations you have your data backed up in, the better. You also want to restrict access to the backups, which means only select employees will have access to the data.
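The three backup rules above (separate storage device, restricted access, intact copies) can be checked automatically. The following Python sketch is an added example, not part of the original article; the function names and finding labels are hypothetical, and it assumes a POSIX system where the backup is mounted as a local directory.

```python
import hashlib
import os
import stat
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_backup(source: Path, backup: Path) -> list[str]:
    """Return a list of findings; an empty list means every check passed."""
    findings = []

    # Same device ID means one disk failure or one ransomware run can
    # destroy the originals and the backup together.
    if os.stat(source).st_dev == os.stat(backup).st_dev:
        findings.append("same-device: backup shares a storage device with the source")

    # Only the owning account should be able to read or modify the backups.
    mode = stat.S_IMODE(os.stat(backup).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"permissions: backup mode {mode:o} allows group/other access")

    # Every source file must exist in the backup with identical content.
    for src_file in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = src_file.relative_to(source)
        copy = backup / rel
        if not copy.is_file():
            findings.append(f"missing: {rel.as_posix()}")
        elif sha256_of(copy) != sha256_of(src_file):
            findings.append(f"mismatch: {rel.as_posix()}")
    return findings
```

A `mismatch` finding means the copy differs from the current original, which can indicate a corrupted backup or simply a file edited since the last backup run, so compare it against the backup schedule before acting on it.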
5. An Incident Response Plan
An incident response (IR) plan is basically what you plan to do in the event of a cybersecurity incident. An effective IR plan defines the actions and measures that staff will take in the event of a breach or attack, as it helps to coordinate all the appropriate resources to quickly restore full functionality.
You want an IR plan that lays out the various roles while providing step-by-step technical instructions on how to effectively assess the damage, fix the vulnerabilities and restore all corrupted or lost data.
You want a plan that aligns everyone, providing a data repository that everyone can access and work from, so that all staff are using the same data. All of this will minimise the impact felt from a cybersecurity incident, further minimising the damage and costs that could result from it.
6. Educate Employees
When we look at cybersecurity, we find that the most effective defence isn’t necessarily technology, but rather the understanding of the employees within an organisation. The reality is that most users have no idea how to identify a possible threat, and are oblivious to most fraud attempts.
For example, over 40% of all employees within an organisation say that they’d be unable to identify a social engineering attack, such as a phishing email. By taking the time and spending the money to properly educate your staff on the various things to look out for, and on how to report possible attacks, you can minimise risk while reducing the number of incidents.