The internet has become a space riddled with malicious links, viruses and trojans. Data breaches are more regular and every 19 seconds in the UK, a small business is successfully hacked, according to research by Hiscox.
The total number of attempted attacks ranged from 900 to 359,000 in a 24 hour period. According to the insurer, almost one in three UK small businesses suffered a cyber breach last year which is equivalent to one successful attack every 19 seconds. Cyber security incidents costs over £25,000 on average in direct costs for small businesses, alongside the stress and loss of customer trust. When one click can cost thousands, and even millions, business owners need actionable to-do’s that can help them and their business stay alert and safe online.
The most alarming results of the research by Hiscox, is that the majority if those that suffered an attack, admitted to making no changes to their policies or systems to help prevent further breaches in the future. So how can we stop this happening to your business?
With the mass change to remote working earlier this year, most businesses didn’t have much time to introduce an entire new IT system and now those systems aren’t used how they were designed, opening businesses up to more cyberattacks. Working from home or remote working is set to be the norm for the foreseeable future, meaning this could be a huge problem for many businesses.
Use Two-Factor Authentication
Two-factor or multi-factor authentication is an authentication mechanism to double check your identify is legitimate. It’s designed to make cybercriminals lives harder and reduce fraud risks. If you already use a basic password security measure, two-factor authentication will make it more difficult for cyber criminals to breach your account.
Cyber attackers have the power to test billions of password combinations in a second. On average, 65% of people use the same password, which is very similar to have one key for your house and car!
Authentication can come in various different forms: Something you know like a password; Something you have, your mobile phone and something you are, DNA. This offers you an extra layer of protection, other than your password and for cyber criminals to get that second authentication method, they would have to be very close to you.
Carry out user awareness training
Employees are the weak link in IT security. Social engineering is the number one security threat to any organisation and the alarming growth in sophisticated cyberattacks makes this problem only worse, as cybercriminals go for the low-hanging fruit: Employees.
No matter how much money, effort and time you put into your cyber security strategy, cybercriminals are still relying on human error to gain access to your systems, and this does work. Using the same weak passwords for multiple accounts, clicking on disguised links or even falling for phishing emails are just some of the ways employees could subject your business to cyberattacks.
Invest in your employees by providing cyber security training, enable them to make smarter security decisions, every day.
Update operating systems, software and IT infrastructure
Software updates are important to your digital safety and cyber security. The sooner you update, the sooner your device is more secure – until the next update reminder. Security updates provide plenty of benefits in each revision. Repairing security holes that have been discovered or removing computer bugs.
Updates can add new features and remove outdated ones and ideally, your operating system should be running the latest version too.
Hackers love security flaws, also known as software vulnerabilities. A software vulnerability is a security hole or weakness found in a software program or operating system. Hackers can take advantage of the weakness by writing code to target the vulnerability. The code is packaged into malware — short for malicious software
Cybercriminals are banking on businesses not updating or patching their systems or software so that they can exploit vulnerabilities and deal damage. If an update is available, it should be applied at the earliest and most practical opportunity.