Photo courtesy of digitalshadows.com
In 2004, the Department of Homeland Security and the National Cyber Security Alliance dubbed October as National Cybersecurity Awareness Month (NCSAM). Since its inception, cyber threats have reached unparalleled heights, making cybersecurity one of the most important aspects of running a successful business in today’s world.
National Cybersecurity Awareness Month
As our lives become more and more dependent on technology each day, cybersecurity awareness has also become vital to our well-being. However, cybersecurity awareness month isn’t just about becoming aware of cyber threats.
“While the speed at which technology and information move can expose us to new risks online, it also enables a level of sharing and cooperation that can make us more resilient to cyber threats,” says FBI Cyber Division Assistant Director Matt Gorham. “National Cybersecurity Awareness Month isn’t just about understanding the risks, but also emphasizing our collective power to combat them.”
While National Cybersecurity Awareness Month is coming to a close; cyber threats pose problems to businesses 24 hours a day, seven days a week. With how connected we have become to our own respective businesses, we can pretty much work from anywhere, anytime we want. Given that, it’s extremely important to make cybersecurity a top priority at your business.
Eight Cybersecurity Practices to Protect Your Business Today
Use a firewall – While a firewall or any one of these eight practices alone aren’t going to keep your business 100 percent safe from a cyberattack, a firewall is your business’s first line of defense. Perhaps one of the most important things to mention is to ensure remote employees have a firewall on any network on which they are working. Remote employees are becoming more and more prevalent but just because they aren’t in your physical office, does not mean a hacker won’t be able to access your network from a compromised employee who works remotely.
Implement Cybersecurity Policies – Policies are probably one of the most dreaded tasks for upper management or executive management to tackle. They are arduous and boring. However, policies often have protocol and training requirements for employees. What happens when you incur a cyberattack? Check out the policies. Do I really need to have all of this cybersecurity training? Look at the policies. It gives management a tool to follow for every employee working for them and will aid in your disaster recovery should you be hit with a cyberattack.
Furthermore, stagnant policies for cybersecurity are not enough. It’s essential to have regular updates on new protocols. It’s also vital to have employees acknowledge their understanding of the policies and understand that actions may be taken if they do not follow security protocols.
Mobile Devices – According to Tech Pro Research, 59 percent of businesses currently allow BYOD (Bring Your Own Device) within their company. BYOD meaning you can use your existing device for business purposes. Norton by Symantec recommends that businesses require employees to set up automatic security updates and require that the company’s password policy apply to all mobile devices accessing the network.
Education – Have you seen this before? Well, we are going to say it again. Educate your employees. Not only on overall cybersecurity but on the evolving threats your business could face each day. A new strain of ransomware came out? Educate your employees on how this strain is infecting users and how they can avoid becoming infected. They call it continuing education for a reason – it must be continuous and constantly updated.
Passwords – The Verizon 2016 Data Breach Investigations Report found that 63 percent of data breaches occurred due to lost, stolen or weak passwords. Passwords are certainly one area that can be the biggest pain. Why do I need to have a different password for every single thing I need to login to? Well, strong passwords could save your business from 63 percent of data breaches. While it’s common practice to have password policies, another study found that 65 percent of business don’t enforce their policies. Having a password requirement is extremely simple. For example, one company requires a password to be 14 characters in length, include an upper- and lower-case letter, number, and symbol. These passwords are also required to be changed every 90 days. If you don’t have a password policy, we just gave you one. You’re welcome!
Back Up Your Data – While it’s extremely important to have proper cybersecurity products in place, there isn’t one company in the world that is 100 percent safe from all cyber threats. It’s recommended that your business has proper backups for word processing documents, electronic spreadsheets, databases, financial files, human resource files, and accounts receivable/payable files. These backups should be performed at a minimum once a day and should be stored in a separate location in case of a natural disaster occurring at your place of business.
Multifactor Identification – Multifactor identification, also known as two-factor authentication (2FA) is an extra layer of security that requires a password as well as something that only the user logging in has on them. We will be issuing a separate article on 2FA in the coming days however, it’s becoming one of the biggest trends in logging into any device or site that contains sensitive information.
Outsource Cybersecurity – One of the biggest issues facing small and medium-sized enterprises is finding a qualified cybersecurity expert. According to a recent report from business consulting firm Frost & Sullivan, the shortage of qualified cybersecurity specialists is expected to reach 1.8 million by 2022. What does this mean for your small- to medium-sized business? You’re either going to have to pony up and pay corporate money for a cybersecurity specialist or, you’re going to have to consider alternative options; such as outsourcing your cybersecurity. The latter is certainly going to be cheaper and will probably even provide more benefits than having in-house cybersecurity.
The fact of the matter is, cybersecurity will always be a moving target. Cybercriminals are becoming more advanced every day. In order to protect your company as much as possible, it’s essential that cybersecurity is a top priority. Contact WatchPoint today to learn more about layered security. Your business could depend on it.