In the rapidly evolving digital landscape, cyberattacks remain unpredictable and, at times, seemingly unavoidable. The statistics are telling: nearly one in five charities reported falling victim to a cyberattack in the last year, a figure that continues to rise annually. Cybercriminals are becoming increasingly sophisticated, exploiting vulnerabilities in less fortified security systems.
However, while cybercriminals are growing wiser and more strategic, there are measures that can be taken to mitigate the risks to your organisation. Just as you secure your valuable possessions out of sight and install alarms to deter physical theft, exercising due diligence with your digital systems and investing in digital security can significantly reduce opportunities for cybercriminals and, in some cases, prevent an unprecedented attack.
Here are six straightforward methods that can fortify your organisation against the potentially devastating consequences of a cyberattack.
Regular Software Updates
Software updates are often associated with improving performance, enhancing features, and ensuring compatibility with various devices or applications, all of which contribute to more efficient software operation. Equally important, these updates provide crucial patching of potential security vulnerabilities within your system.
The infamous WannaCry attack in May 2017 exposed outdated IT systems, including the use of a 17-year-old Windows XP operating system. This security lapse cost the NHS an estimated £92 million. Companies like Microsoft, Adobe, and Apple release high-severity updates to proactively address known vulnerabilities. Skipping an update because it takes a few minutes can lead to permanent repercussions.
For peace of mind, consider setting up automatic updates for trusted software across your mobile devices and computers.
Antivirus software serves as the digital “policeman” standing guard at the gateway of your computer system. It protects, detects, destroys, and warns of potential threats to your system. With new viruses emerging continually, antivirus software stays up to date with the latest threats in real time. It recognises each virus by its unique identifying information, held in what is known as a “signature definition file,” and takes immediate countermeasures to ensure ongoing protection.
Neglecting antivirus software is akin to inviting a criminal into your home. Like software updates, antivirus programs may require occasional updates or prompt the user to do so.
Firewalls are network security devices that act as the initial line of defence, monitoring incoming and outgoing network traffic and deciding whether to permit or block it based on predefined security rules.
Firewalls typically fall into four categories:
- Proxy: Proxy servers offer additional functionality such as content caching and security by preventing direct external connections to the network.
- Stateful Inspection: This traditional firewall type allows or blocks traffic based on factors like state, port, and protocol. It monitors activity from the initiation of a connection until it’s closed, with filtering decisions made according to defined rules and context.
- Unified Threat Management (UTM): UTM devices combine stateful inspection firewall functionality with intrusion prevention and antivirus features. They may also include additional services and cloud management, focusing on simplicity and ease of use.
- Next-Generation (NGFW): As cybercriminals become more adept at finding new intrusion methods, firewalls are evolving with increased functionality to thwart advanced malware and application-layer attacks. Many NGFWs also provide threat detection and remediation.
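To make the stateful inspection entry above concrete, here is an added example (not from the original article) of a toy filter that tracks each connection from its opening SYN until it closes. The class, the rule set and the sample packets are constructed for illustration, and connection teardown is simplified to the first FIN or RST.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str       # simplified: "SYN", "SYN-ACK", "ACK", "FIN" or "RST"
    outbound: bool   # True when the packet leaves the protected network

class StatefulFirewall:
    def __init__(self, allowed_outbound_ports):
        self.allowed = set(allowed_outbound_ports)  # the predefined rules
        self.connections = set()                    # the tracked context

    @staticmethod
    def _key(p):
        # Same key for both directions: (inside host, port, outside host, port).
        if p.outbound:
            return (p.src, p.sport, p.dst, p.dport)
        return (p.dst, p.dport, p.src, p.sport)

    def filter(self, p):
        key = self._key(p)
        if key in self.connections:
            if p.flags in ("FIN", "RST"):
                self.connections.discard(key)  # simplified: first FIN/RST ends tracking
            return "ALLOW"
        # No state yet: only an outbound SYN that a rule permits may open one.
        if p.outbound and p.flags == "SYN" and p.dport in self.allowed:
            self.connections.add(key)
            return "ALLOW"
        return "BLOCK"

def demo():
    fw = StatefulFirewall(allowed_outbound_ports={443})
    inside, web, other = "192.0.2.10", "198.51.100.5", "203.0.113.9"
    packets = [  # constructed sample traffic (documentation address ranges)
        Packet(inside, 50000, web, 443, "SYN", True),        # rule permits, state created
        Packet(web, 443, inside, 50000, "SYN-ACK", False),   # reply to tracked connection
        Packet(other, 443, inside, 50000, "SYN-ACK", False), # unsolicited, no state
        Packet(inside, 50001, web, 23, "SYN", True),         # port not in the rules
        Packet(web, 443, inside, 50000, "FIN", False),       # closes the connection
        Packet(web, 443, inside, 50000, "ACK", False),       # arrives after close
    ]
    return [fw.filter(p) for p in packets]

if __name__ == "__main__":
    print(demo())
```

The same inbound packet is allowed or blocked depending on whether a matching connection is currently tracked, which is the "context" that separates stateful inspection from a plain port filter.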
Email encryption safeguards the content of messages, ensuring they can only be read by the intended recipients and remain indecipherable to anyone else. Encryption involves converting plain text into scrambled cipher text and relies on a Public Key Infrastructure (PKI), often employing both a private key (known only to you) and a public key (known only to those you choose to share it with).
Only the recipient with the private key corresponding to the public key used to encrypt the message can decode it. Any other recipient sees unintelligible text.
Additionally, many individuals have begun to add email addresses to “safe sender” lists, which are manually managed. However, this approach requires regular updates, particularly when communicating with senders outside your primary organisation, to prevent messages from being routed to your junk mail.
Multi-Factor Authentication (MFA)
Multi-factor authentication adds a layer of protection and security against compromised credentials, just as you require more than one form of identification at an ATM (e.g., a card and a PIN). As cloud-based remote work becomes the norm, MFA for business applications offers an extra layer of security. Common MFA implementations include the “something you know” factor (e.g., a password) and the “something you have” factor (e.g., a one-time passcode sent to your smartphone or provided via a token).
In addition to providing heightened security, MFA can serve as an alert for potential threats. If a hacker attempts to authenticate an account, the targeted employee receives a notification for the second authentication factor, prompting them to take action and address the potential breach.
Often overlooked but fundamentally crucial in preventing cyberattacks is investing in employee awareness. A report by the International Association of Privacy Professionals (IAPP) revealed that over 92% of data breaches resulted from human error. While human error cannot be eliminated, it can certainly be mitigated through comprehensive training in two primary areas that serve as security assets for your business:
- Policy Compliance
- Incident Response
Teaching employees how to accurately identify common IT security threats, such as phishing emails, and providing reminders regarding the importance of regularly updating security software, fosters a more security-conscious workforce. This, in turn, adds a further layer of security to your organisation. Developing an incident response plan is akin to preparing employees for potential fire outbreaks: should an incident occur, your organisation can respond in an organised manner, maintaining control and minimising damage.
Never underestimate the power of stating the obvious and conducting regular IT security checkbacks. Common risks like confidential records left on desks, passwords written on post-it notes, unattended screens displaying sensitive information, and CCTV cameras directly pointed at screens all represent “obvious” potential vulnerabilities that could serve as an open invitation for cybercriminals.
Furthermore, as cloud-based work becomes the standard for most organisations, the widespread use of personal computing devices like smartphones, laptops, and tablets with access to the corporate network increases. Deploying a mobile device management solution enables the IT department to manage these devices efficiently, simplifying security maintenance and reducing risk.
Even with the most stringent vigilance, cybercriminals continue to exploit emerging technologies and discover loopholes to gain access to valuable data. A critical safety net for any organisation is to ensure a robust backup system is in place in case of the “worst-case scenario.” Maintaining a current and automated backup can make the difference between a smooth recovery from a destructive virus or ransomware attack and a stressful, costly downtime with data loss.
Traditional backups, such as tapes or static servers, had the drawback of becoming outdated. However, the development of cloud technologies like Microsoft Azure offers dynamic backup solutions, including the restoration of individual files and machines. This approach offers ease of use, cost-effectiveness, and peace of mind for organisations worldwide.