We love this quote from Steve Martino, Senior VP and Chief Information Security Officer at Cisco..
He said: “If you were walking down a dark street in an unfamiliar city, you’d likely be more aware about who else is around you or may be following you. Treat the internet the same way.”
It’s true isn’t it? We’re obviously more vigilant when it comes to our own physical safety, but businesses are still finding it a challenge to keep themselves safe from cyber nasties, and as a result, they’re feeling the pain.
Cyber facts that’ll spook you
Reading a 2019 report from the Government’s Department for Digital, Culture, Media and Sport – there’s a real opportunity to help protect organisations from cybercrime, so that these statistics below become a nightmare of the past:
- 32% of businesses report cyberattacks or data breaches.
- The average financial loss businesses suffer when they do is £4,180. This goes up to £9,270 for medium sized firms and £22,700 for larger businesses.
- The cyber culprits responsible for damaging businesses include: phishing attacks (80%), cybercriminals impersonating an organisation in emails or online (28%), plus viruses, spyware or malware, including ransomware attacks (27%).
The powerful triumvirate to keep the nasties at bay
The reason why the Government is still reporting such a bleak story when it comes to cybercrime, is because sometimes, businesses struggle to take a holistic approach to cybersecurity. In other words, they’re locking the front door, but forgetting to close the windows.
Kevin Prone, Head of Services at Nowcomm explains this a little further. He believes that in order to create a secure environment, organisations must remember to focus on three things: people, processes, and technology.
He said: “One won’t work without the other. For example, if you invest in firewall technology, but your people don’t know how to configure it, and there aren’t the processes in place to keep it up to date – you’re opening yourselves up to cyber threats.”
Kevin continued: “I read an FSB article that said less than half of businesses have a strict password policy for their devices. That’s a perfect example of where the triumvirate of people, processes and technology needs to work together.”
Having said that, Kevin also believes that businesses shouldn’t beat themselves up about doing everything at once. He believes it’s about taking steps to get better over time – across the three areas of people, processes and technology – and being flexible enough to accept you’re never done when it comes to cybersecurity.
This is also a sentiment held by Cisco in their Small and Midmarket Businesses report. They say: “…incremental change is better than no change…” and that “…businesses also must understand that there is no ‘silver bullet’ technology solution to solve all of their cybersecurity challenges. The threat landscape is too complex and dynamic…”
Six things to help scare away the cyber criminals
Make Halloween 2019, the day you start taking steps, to get better at putting those cyber nasties to bed.
Here are six recommendations from Kevin to protect your business – while ticking the people, processes, and technology boxes.
- It all starts with the humans.
Your people are your first line of defence when it comes to cybersecurity. It’s not just down to the IT department to worry about. Employee cyber education is key. Do your people know how to identify suspicious emails? Are they cautious of free Wi-Fi when using public devices?
- Take the litmus test
Cyber risk assessments are a brilliant way to get a high-level view of your organisations’ ability to identify, protect, detect, respond, and recover from cyberattacks. Starting with a simple questionnaire, you can glean a good grasp of where your strengths and weaknesses lie.
- Face your demons.
You can get help to face your demons head on, with tools that rate the severity of any cybersecurity vulnerabilities you may have on your network infrastructure, using a 1-10 scoring system where 10 represents the most severe problem.
- Keep the dark web at bay.
The dark web is where cyber criminals reside. Dark web threat alerting services exist to monitor all the domain names associated with your business, proactively looking for security breaches.
- Know your enemy.
Special software can be used to plug into your network infrastructure and take live data feeds from your devices, applications, servers and domains to analyse the activity that’s going on across your entire networked environment.
- Bring in the ghost busters.
When cyberattacks take hold, you need to quickly regain control of your infrastructure, contain the attack, and ultimately bring things back to normal. If you don’t have the time, skills, expertise and the right tools to deal with this situation – there are specialists who can help.
Let Nowcomm help you
At Nowcomm, we offer a consultative and ongoing approach to protecting your organisation now and in the future. Talk to us about:
- Security assessments to review your current security set-up, and assess what more you need now, and in the future.
- Staff awareness training, covering the ‘do’s and don’ts’ as a quick and easy way to increase security vigilance in the workplace.
- Back-up and business continuity services, so you can quickly recover your business and promptly restore service to your customers after a cyberattack.
- Securing your network services, with endpoint protection, wherever and whenever users connect to your business.