Cyber Security Fundamentals for Businesses
by Neil Conchie, on Dec 16, 2020 9:15:00 AM
A cyber security incident has the potential to be catastrophic for both your business and your customers, but what steps can you take to help protect your business? We’ll have a look at some of the fundamental cyber security steps alongside some popular misconceptions in this article.
What is cyber security?
Cyber security can be easily defined as the protection of information on networks, devices and services from theft or damage by electronic means.
Aren’t cyber attacks targeted though?
Whilst it is true that some cyber attacks are targeted, the vast majority are opportunistic and can affect any organisation at any given time. The simple fact is that if you are connected to the internet, then you are at risk of a cyber attack or incident. A good example of this is the WannaCry ransomware attack, which impacted a range of organisations from large national organisations such as the NHS right through to shipping companies. The truth of the matter is that all organisations hold value to a cyber criminal in the form of data.
Cyber threats are always external
Did you know that almost 75% of all data breaches are a result of someone already within the company or organisation? Whilst not all of these are malicious or deliberate, it certainly highlights the fact that having a robust policy and staff training are important when it comes to ensuring data is safe.
Cyber attacks are so sophisticated I couldn’t possibly stop them.
The vast majority of cyber attacks are based on well-known techniques which can be easily defended against, and whilst some attacks are highly sophisticated this is certainly not the norm. This simple fact means that a lot of these attacks can be prevented with some basic cyber security measures which we will look at below.
So how can you help reduce the risks of a cyber attack?
Assess your current systems
The first stage of preventing a cyber security incident is to create a map and work out which systems are connected to each other and who has access to those systems or networks. By working this out as part of your planning, you are creating a resource that you will require in the unlikely event of a cyber incident: the map will allow you to assess the damage an attacker could inflict and help you make decisions on the remedial actions required.
The map is then likely to influence your risk assessment, as it has the potential to highlight weaknesses or vulnerabilities in your system or network, such as people who have access to data that they do not need or which is sensitive, or a system or programme which is outdated and in need of updating to ensure optimal protection. You should also identify your core assets and ensure that they are well protected. Examples of these core assets could be your customer database, your website or your order processing system. If you are carrying out this process following a cyber incident, it can also allow you to look back over your systems and identify the point at which an attacker was able to gain access.
If you have a large system, this can seem like a daunting task, but it is vitally important to map your system to ensure you have as many potential vulnerabilities covered as possible.
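As an added illustration (not part of the original article), the map described above can be kept as simple data and queried. The Python example below uses a constructed set of systems, connections and staff names, all hypothetical, to show which core assets fall within reach if one system is compromised, and who has access to a core asset without a recorded need for it.

```python
from collections import deque

# Constructed sample map: which systems can reach which (directed connections).
CONNECTIONS = {
    "reception-pc": ["file-server", "printer"],
    "printer": [],
    "file-server": ["customer-db"],
    "website": ["order-processing"],
    "order-processing": ["customer-db"],
    "customer-db": [],
    "guest-wifi": [],
}
# Constructed sample access list: who can log in to each system.
ACCESS = {
    "reception-pc": {"alice"},
    "file-server": {"alice", "bob", "carol"},
    "customer-db": {"bob", "carol", "dave"},
    "website": {"dave"},
    "order-processing": {"bob"},
}
# Core assets and who needs them for their job (assumed input from managers).
CORE_ASSETS = {
    "customer-db": {"bob"},
    "website": {"dave"},
    "order-processing": {"bob"},
}

def reachable_from(start, connections=CONNECTIONS):
    """Every system an attacker could move to after compromising `start`."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in connections.get(queue.popleft(), []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def core_assets_at_risk(start):
    """Core assets that are reachable once `start` is compromised."""
    return sorted(reachable_from(start) & set(CORE_ASSETS))

def excess_access():
    """People who can access a core asset without a recorded need for it."""
    findings = {}
    for asset, needed in CORE_ASSETS.items():
        extra = ACCESS.get(asset, set()) - needed
        if extra:
            findings[asset] = sorted(extra)
    return findings

if __name__ == "__main__":
    for system in CONNECTIONS:
        print(system, "->", core_assets_at_risk(system))
    print("excess access:", excess_access())
```

Replacing the constructed data with your own inventory turns the same two questions into a repeatable check for your risk assessment.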
Understand & assess the threat
The type of cyber threat that you might face depends on your type of business or organisation, which can mean keeping an eye on the landscape around your particular industry and staying informed so that you can keep the correct preventative systems up to date. This can be supplemented with an awareness of other cyber incidents which may have happened recently, so that you are aware of the intent of attackers, which may highlight a particular risk.
A good practice here is to collaborate with people within your industry or sector to share information on current threats and best practices to ensure you are as protected as possible.
You can also sign up for information about fraud and attacks in your area on the Action Fraud alert website.
This can then shape how you will proactively defend your information and systems, based on what your core systems are and where the likely threat lies.
Our top cyber security tips
Use anti-virus software
Using reputable anti-virus software and making sure that it is turned on in all of the parts of your network is absolutely vital and can help you flush out any viruses that may have made it into your system.
Use a Firewall
Ensure you are using a reputable Firewall and that it is switched on at all possible access points to protect your system from attacks.
Ensure all devices are up to date
A lot of software and system updates contain security updates and patches based on the latest data and attacks, so ensuring that all systems and devices are on the most up-to-date software is another layer of protection. Most systems have the option to turn on automatic updates which can save your team time on checking for updates, although it is good practice to check periodically that all devices are up to date.
Identify essential data and schedule regular backups
In the case of lost or damaged data, having a backup is very important. It is especially important to consider how many copies are made and where they are stored: if you are storing your backup on the system or network you are backing up and that system is the one lost, your backup is lost too. It is up to you how often a backup is created and whether it is automated, but it is worth taking regular backups and ensuring they are stored away from your main systems, such as by utilising cloud storage.
Use password protection
Consider turning on password protection on all of the devices within your organisation to reduce the chances of unauthorised or forced entry.
Create an organisational password policy
A password policy is the simplest way to ensure that passwords are harder for would-be attackers to get hold of. Your policy can include specifying the length, capitalisation and whether passwords contain numbers and symbols to ensure that they are secure, and also whether they need to be changed at specified intervals.
Another way of protecting passwords is to provide access to a password manager for your staff, so that they do not have to write passwords down where they can be intercepted or lost.
You could also ask staff to use two-factor authentication as part of your password policy to protect core systems such as email.
Limit the use of external drives
An external drive can easily infect your system or network with a virus or a malware file. By limiting the use of external drives you are limiting the number of access points to your network, which can help protect you from a cyber incident or data breach. You could do this by providing secure external storage devices, or by blocking off access ports for those users who have no need for them to discourage the use of these drives.
You can also specify that all external drives are scanned before being used within your system, which should ensure that any harmful files are dealt with before they can infect your system.
Another way to approach this could be to create a list of USB drives and those who are allowed to use them, so that the drives can be monitored and scanned to ensure they are safe for use in your system, and to review this list regularly.
Only allow access to systems to those who need it
Consider who on your team has access to what systems and limit access only to those who need it. This can help to mitigate breaches which originate from someone within your business or organisation, as sensitive information is only available to those who really need it rather than to all of your team, who could maliciously or accidentally reveal it to a would-be attacker.
Restrict the downloading of 3rd party apps and software
Files downloaded from the internet are another potential avenue for malicious files to enter your system, so restricting the downloading and installation of files which originate from the internet can be a good preventative measure.
Provide staff training
Educating your employees on what to look out for when it comes to cyber threats is a key part of any protection plan. Your training should include a lot of the points listed above in some form or another, so that staff can be vigilant to threats to the business that could come through their own personal external devices, phishing emails and files they might download from the internet.
Ensure you have an incident management plan
Prevention is far more effective than cure, but having a plan in the case of a cyber incident, including how you will communicate with your team, is a vital part of your cyber security management plan.