October is National Cyber Security Awareness month, which is an annual campaign sponsored by the National Cyber Security Division (NCSD) of the US Department of Homeland Security to raise awareness about cyber security. Since there have been numerous high profile security breaches thus far in 2017, the topic of cyber security is more relevant than ever.
Just this year we have witnesses WannaCry and Petya ransomware viruses cripple hundreds of thousands of computers around the world, costing businesses millions of dollars to recover files and countless hours of lost employee productivity. A recent survey by Kapersky estimated the average cost of these attacks at $1.3 million. On top of that, the massive Equifax data breach gave cyber criminals personal information of as many as 143 million Americans -almost half the country – adding gas to the phishing fire.
With this in mind, there is no better time than the present to review your security practices, prepare your response plan and remind your employees that they play a part in protecting your company’s sensitive information.
- Educate Employees - Employee cyber security awareness training should be mandatory in today’s business world. Over 50% of all security incidents can be linked to employee error, and most data breaches occur because employees don’t know security policies and/or are careless. According to the NCSD organizations that regularly train their employees can see a reduction in security-related risks of up to 70%.
- Secure All Connections - Networks that are protected only by generic security measures are more vulnerable to attack. Mobile devices, Internet of Things and bring-your-own-device policies broadened the digital footprint of many organizations and provided hackers with many additional points of entry for their attacks. Make sure remote users can only access you network through secure connections like VPNs and make their use easy—and mandatory—for mobile employees who may connect through public Wi-Fi services.
- Enforce Password Rules - Strong passwords are one of the first lines of defense against breaches and changing them occasionally may help keep hackers out. But most staff will not voluntarily update their passwords, even when prompted. Make frequent password updates mandatory to reduce the risk of potential security breaches.
- Protect Corporate E-mail - Email is a major communication channel for businesses, and hackers constantly exploit it as an entry point for increasingly sophisticated attacks. In fact, over 90% of all cybersecurity attacks begin with spear-phishing. Your email security solution must include anti-phish protection, as well as anti-spam and anti-malware filtering.
Advantage works with dozens of service providers that specialize in cyber security solutions. Contact us today and let us evaluate your needs and make recommendations on providers and solutions that would work best for your environment. Until then, remain vigilant and stay safe!