Cybercrime is a real and present danger facing any company that holds digital assets and relies on the internet for its operations. In 2021 alone, the costs associated with online criminality are forecast to top $6 trillion globally – with that figure predicted to rise to a colossal $10.5 trillion by 2025.
A growing threat to companies of all sizes
No matter the size or profitability of your firm, if you operate online to any degree, you run the risk of a cyberattack. Indeed, recent statistics show cybercriminals are increasingly moving to target small to medium-sized enterprises (SMEs) in favour of larger firms – partly because smaller companies tend to take a more relaxed approach to their security. Sometimes, this lax protection can be down to budgetary constraints; however, perhaps more worryingly, it’s often due to smaller companies believing their revenue is too low to be an attractive proposition for hackers.
Simple security steps you can take that won’t break the bank
Whether you believe your firm to be in imminent danger or not, there are some simple steps you can take today that will help mitigate the risk of your company falling victim to an attack:
Agree on a policy for data loss prevention (DLP): It’s a good idea to establish rules for the data in your organisation so everyone’s clear on best practices – for example, regarding the sharing and storage of files, etc. Also, while you can verbally agree these rules, a company like Proofpoint can put gateways or blocks in place on your network to prevent accidental (or malicious) data sharing with unknown or untrusted sources.
Insist your team uses complex username/password combinations: Despite the known risks from simple passwords, one of the most common ways hackers gain access to accounts is through simple username/password combinations. In particular, easy-to-guess passwords (or passwords that are used across multiple accounts) continue to pose a significant threat. You should brief your team and insist they change any at-risk credential immediately to alphanumeric passwords. Also, it’s good practice to change passwords frequently (perhaps once a month) to further reduce the risk of being compromised. Lastly, the passwords your colleagues use for work accounts must be different from those used for other services (e.g., Facebook, Gmail, etc.).
Update software and operating systems (OSs) regularly: Developers are in a never-ending battle with hackers that constantly look for ways to exploit potential weaknesses or backdoors in their apps – so you should keep your software and computer operating systems (OSs) up to date. Even if you’re not prompted, it’s wise to do a manual check (normally found under the main menu of programs).
Educate staff (and yourself if required) on the common dangers online: There’s little point trying to tackle cybercrime if you or your team aren’t aware of the risks. For example, phishing (a method of social engineering used by hackers that exploits human trust) has become one of the most common forms of attack used by cybercriminals. However, if you’re not aware of the signs of a phishing attack, you’ll have little chance of stopping it. You should take the time to educate your team on the most common types of attacks used by hackers (and how to avoid them).
Partner content