[BreachExchange] Start-ups: Cyber security advice you need to hear
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Feb 7 20:00:25 EST 2017
http://www.bmmagazine.co.uk/columns/opinion/startups-
cyber-security-advice-need-hear/
For most big businesses this problem can be met head on by enlisting and
recruiting IT security experts and implementing software that safeguards
them from attacks; investments which are often costly, making them
unattainable for many start-up businesses.
It shouldn’t be a surprise to hear then that cyber attacks are becoming
much more frequent. As the internet permeates almost every instance of our
working lives, we’re entrusting it with more and more data, which only acts
as a catalyst and a boon to hackers and cyber criminals around the world.
There is a common myth that hackers and cyber criminals only lay their
cross hairs on larger businesses. But the fact is that no business, no
matter how large or small, is safe from an attack. So what should start-ups
do about cyber security without the mammoth budgets that their larger
enterprise competitors wield?
Here, Focus Training looks at the most common threats and how they can be
tackled to fledgling businesses.
Reduce human error
One of the most common causes of data breaches or other cyber-related
attacks is human error. That could include an employee opening an email
containing malware, visiting unsafe sites, or downloading programmes that
aren’t safe for your system.
The key to combating this is to educate and inform. Don’t allow employees
to download software to their computers without permissions. Warn against
suspicious emails. Instil a more vigilant digital attitude in employees and
you’ve done half the work towards protecting your business from a cyber
attack.
Managing documents
Saving and storing files and documents on a computer is simple to do.
Securing those files and documents is also just as simple, but so often
overlooked. If one document contains sensitive materials ensure that it’s
encrypted. Also use strong passwords to protect areas of your system that
contain this sensitive data.
You can also use PDF software that will convert documents and encrypt them,
meaning that the document can only be opened once a correct password has
been entered. You should also assign manager rights ensuring that data and
documents can only be viewed by someone a business owner has chosen.
These are just a couple of basic tips but more can be found on securing
documents here.
Understand the Importance of data
The loot for many hackers and cyber criminals is often the data that your
business holds. That data could include many things, from the email
addresses of those who subscribe to your newsletter, to detailed bank
information. A breach of either will impact your reputation. Obviously one
will have a more severe impact than the other but the protection of both
will be vital to all of your customers and should be at the forefront of
your mind when implementing cyber security protection.
Be proactive
Many start-ups only realise the gravity of cyber crime threats after the
damage is done. In some instances, it could be months before a business
realises that they’ve fallen victim to an attack. Cyber criminals know
this. They know that smaller businesses aren’t putting in place important
security measures and that’s one of the reasons they go for the smaller
fish.
So be proactive rather than reactive. Look to implement security measures
from the outset rather than as a reactionary precaution to a small attack.
It is easy on a tight budget to delegate time and resources elsewhere
within your business but the threat of cyber crime is very real and could
be very costly to a new organisation.
Health check your equipment
Smaller businesses often use outdated technology in an attempt to save
money. The problem with older computers and laptops is that the software
they run can sometimes be susceptible to viruses and much more vulnerable
to an attack.
By conducting regular health checks of equipment used by yourself and your
staff, you are better preparing against an attack in the future. These
health checks can be conducted monthly to look for viruses that may have
already infected your machine, check for software updates that will help
keep it healthy and secure, or just a maintenance check up and cleaning of
unused files and documents on the computer.
Choose better passwords
When choosing a new password there are a lot of businesses that recycle
their old ones. Perhaps they use the same words and fix a number on the end
or add a capital letter to the start? It’s this lack of imagination that
makes breaking into a system or an account easy for hackers.
So forget the word ‘password’. Instead, think ‘passphrase’. The longer it
is, the better too. Got a favourite song lyric? Maybe there’s a motto you
love? A phrase is often much harder to guess than a word.
The more imaginative the password, the better.
How is the UK Government Tackling Cyber Crime?
With cyber crime on a continuous rise many people are looking to the
government and asking:
‘What’s being done?’
Last November, the then chancellor Phillip Hammond announced a five-year
£1.9 billion scheme designed to help prevent cyber crimes in the UK. This
money is to be invested in bolstering defences and arming the public and
workers with “better cyber skills”. As we touched on earlier, the most
effective way to prevent cyber crime is to train and help make people more
aware of the various threats they face online.
Armed with a basic understanding, most businesses and individuals can avoid
the most common cyber attacks out there.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170207/8b32c436/attachment.html>
More information about the BreachExchange
mailing list