[BreachExchange] 3 Essential Cybersecurity Tips for Business

Audrey McNeil audrey at riskbasedsecurity.com
Mon May 7 19:53:42 EDT 2018


Hacking has become one of the most prominent problems in the digital age.
Recent cyber attacks on major corporations, such as Equifax and Target,
have shown what a problem hacking really has become. In the technological
flourishment of the 21st Century we have all engaged with the internet via
our countless devices and online profiles.

This leaves our information out in the ether as we cannot control what
happens to our digital identities while we are away from their watch.
Susceptibility is just one facet of this hacking phenomenon that has
witnessed increased participation over these last few years. As a matter of
fact, we have seen an increase in the number of ransomware programs by
nearly 6000%.

This has lead to an uncomfortable familiarity that the public has developed
with hackers, and their exploits, that impact our lives dramatically and
often. Now is the time for individuals and businesses alike to educate
themselves on the best practices for computer management so that they do
not fall victim to a hacking attempt. Having a consistent general rule for
how you engage the internet, and how your employees access it, can prevent
unmitigated damage to your company that is oftentimes irreversible to an
extent. While nothing can stop a seriously motivated hacker, the tips
provided in this article will at least prevent the mass majority of
exploits on the internet.

Don’t Download from Unknown Sources

This is one of the earliest and most successful hacking devices that a
criminally intended person may use to exploit an access point into an
intranet or device. This will come in the form of an email that has
automatic download attachments that, when opened, can usually provide the
user with a trojan horse or ransomware executable. This tip really comes
down to whether or not emails should be opened from sources you do not
immediately recognized. The answer to this, of course, is never.

The same goes for Internet browsing within your company. If you’re
business’s IT policy is loose enough that employees can browse any website
they want through your router then you run the risk of someone going to a
fraudulent website or clicking on a fraudulent link. This is a treacherous
exploit as malevolent download links can appear on trusted websites or in
inconspicuous places. The solution in this case is to have a strict
internet policy within your company so that users accessing the internet
via your intranet do not accidentally bring in a virus from a website that
has not been pre-screened. A strict email and web policy can prevent over
half of all hacking attempts on your business and the employees therein.

Keep Up-To-Date

One of the most effective methods in combating the hacking epidemic is to
keep your hardware and software up-to-date whenever possible. Having
updated hardware and software can reduce targeted hacking efficiency by up
to 85%. The same goes for any OS updates, antivirus updates, or enterprise
software updates as up to date software can combat hacking efficiency.

This can be a difficult step for your IT team as updating software on an
enterprise is at least somewhat laborious. Even though this is the case,
you still must do everything you can to stay up-to-date even if your IT
team doesn’t want to due to the pain of mass deployment. Software that has
been exploited, and accessed by employees, can infect a company’s intranet
more severely than almost anything else.

Educate Staff

An educated employee base can prevent almost all hacking from being
successful. Educated people know the best password policy to use and which
software to use and when. Ransomware attacks have gone up by 6000% in the
last year alone and that number will not slow anytime soon.

This is why it is more important than ever for everyone to become at least
an amateur cybersecurity expert. This means no more sticky notes on
monitors or written down passwords under the keyboard. Only mail from known
people and websites that are accessible through the IT screening process.
Every employee should keep their antivirus up-to-date on their own laptops
and cellphones. Everyone should be constantly looking for the signs of an
exploit in your business so that you do not fall victim to one of the most
devastating attacks on your company’s infrastructure.


Hacking is a larger threat than it has ever been before and it is
continuing to grow throughout the world. If you can keep your devices
up-to-date and educate your employees then you can prevent over 90% of all
hacking attempts. Even though a very motivated hacker can probably access
your internet, making it as difficult as possible to do should be your
number one priority.

If you do not already, then think about hiring cybersecurity experts or an
IT team to keep tabs on all of the electronics throughout your business.
Cybersecurity companies are doing everything they can to limit the damage
that hackers can cause but so much of what they do can be prevented by
ordinary people. Staying diligent and educated can save you and your
business from tremendous loss and heartbreak.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180507/6fb052ba/attachment.html>

More information about the BreachExchange mailing list