Doesn't it feel like every day we are being issued another warning about a new cyber security threat? It's all for good reason that the warnings keep coming in. In addition to the extremely high percentage of businesses being affected, according to the "2022 Cybersecurity Almanac," the cost of cybercrime is estimated to hit $10.5 TRILLION by 2025! However, even with all the warnings, stats and information, there are far too many businesses that aren't taking cyber security threats seriously.
Your business data is not the only thing that you could lose if you were a victim of an attack. The cost of remediation or migration can run into tens of thousands of dollars! And on top of this, your business will suffer an average of 21 days of downtime after the attack. How would your business survive without being able to use your technology as normal? Your clients may also lose faith in your business, which could cause losing them in the long run. It really is crucial that your business is taking cyber threats seriously and that you are taking the proper steps to help prevent attacks.
The safest way to keep your business's cyber security reliable is to have a layered approach, which means that you have several solutions working together to give you a level of protection that is right for your business. This won't mean that you will never get attacked but it will significantly reduce your chances. But if you do fall victim, it will make your recovery So. Much. Easier.
The Key to excellent and reliable cyber security is having the right balance between protection and usability. There are three common mistakes that are made by businesses - and they're also some of the most dangerous mistakes to make.
Is your business making any of these?
Big Mistake number 1) Not restricting access
Different employees will have different needs when accessing company files and applications. If you allow everyone access to everything it opens up your entire network to criminals. You should also make sure to change access rights when someone changes roles and revoke them when they leave. Make sure you are keeping updates on what your employees have and what they need.
Big Mistake number 2) Allowing lateral movement
If cyber criminals gain access to a computer used by a member of your admin team, that might not be a disaster by itself. But what if they could move from your admin system to your invoicing system… and from there to your CRM… and then into someone’s email account? This is known as lateral movement. The criminals gain access to one system and work their way into more sensitive systems. If they can get into the email of someone who has admin rights to other systems or even the company bank account, they can start resetting passwords and locking out other people. THIS IS SCARY STUFF. One strategy against this is called air gapping. It means that there’s no direct access from one part of your network to another.
Big Mistake number 3) Not planning and protecting
Businesses that work closely with their IT partner to prepare and protect are less likely to be attacked in the first place. And in the event of an attack will be back on their feet faster. You should also have an up-to-date plan in place that details what to do, should an attack happen. This will significantly shorten the amount of time it takes to respond to an attack. That means you’ll limit your data loss and the cost of putting things right again.
If you know you’re making one (two, or even three) of these mistakes in your business, you need to act quickly. But don't panic because we can help.
Give us a call, and we’ll review your current security arrangements.
Until next time, keep fit and have fun!
(TYYV) The Yada Yada Version:
Even with the many many warnings that are out there about cyber crimes, businesses still aren't taking cyber threats seriously. Businesses commonly make three big mistakes when it comes to cyber security and yada yada yada it's probably time for you to check on your cyber security plan.
