‘Fraudsters steal $450,000 from Brisbane City Council in elaborate scam’ screamed the front page of a newspaper recently.
Unfortunately, this kind of headline is becoming more and more common. Doing business and communicating online is now a necessity, however, as our use and reliance on computers continues to grow (it’s been estimated that more than 50 billion people will be connected to devices by 2020), the issue of cyber security must become a priority for companies.
At our recent Twilight Seminar, Carla Liedtke, Director, Control Risks shared the findings from their firm’s survey, that most organisations believe cyber issues will be the most disruptive external threat to their organisation over the next 5 years.
Carla explains, “The number and impact of global cyber-attacks in Australia is increasing every year, with those perpetrated by criminal groups being the most common over the last year. A rise in ransomware, cyber enabled fraud – such as CEO fraud – and theft of data, means it is vital that every company must have a dedicated cyber security risk strategy in place. A cyber-attack on your company could result in huge losses, severe business disruption or in some cases, completely halt your ability to operate.”
The 2015 Cost of Cyber Crime Study reports that cybercrime in Australia’s cost per organisation has increased by 13 per cent in 2015 to $4.9 million – and the amount is increasing every year. Despite this escalating risk of being the victim of an attack, not all businesses are responding in the way they should. According a recent survey, 14 percent of executives admit to lacking a concrete strategy when it comes to information security. However, businesses must realise that they ARE at risk from a cyber-attack, and therefore need to take the appropriate measures to ensure that their cyber security practices are robust and up-to-date. But how exactly can you keep your business safe from cyber threats?
“Control Risks recommends a proactive approach to cyber risk management, so you are ready with a plan when the inevitable attack occurs. We help our clients understand who is likely to attack your organisation and which key assets they are likely to target, which will be different for every organisation. Once we understand this, we then work with clients to identify the gaps in their defences and formulate an action plan.” Carla says.
In order to successfully fight against cyber crime, businesses must adopt a ‘security-first’ mentality, promote an improved cyber culture and raise awareness of best practices to ensure that businesses are secure online. Here are some best practices that can help keep your company as safe as possible:
Keep your software up-to-date. An outdated computer is more prone to crashes, security holes and cyberattacks. Hackers are constantly scanning for security vulnerabilities and if you let these weaknesses go for too long, you’re greatly increasing your chances of being targeted.
Educate your employees. Make your employees aware of the ways cybercriminals can infiltrate your systems, teach them to recognise signs of a breach, and educate them on how to stay safe while using the company’s network.
Implement formal security policies. Having company-wide security policies in place can help reduce your likelihood of an attack. Always use strong passwords, for example with upper and lowercase letters, numbers and symbols, then ensure that passwords are changed regularly.
Practice your incident response plan. Run a drill of your response plan so your staff can detect and contain the breach quickly should an incident occur.
In addition to the above tips, developing strong security resilience will also help protect your company from cyber threats. For example:
Health checks: Conduct regular data health checks around where and how data is stored, which applications are in use on the network or are taking up valuable network availability. They should keep track of all users and what parts of the network each person has access to, and potential threats that may exist.
Staff training: Human error accounts for the majority of security issues in businesses. It’s therefore essential to educate employees on how to identify and protect the business from end-user focused threats, like phishing attacks. Encourage staff to always be on the lookout for the urgent and the unexpected. Creating an environment where staff are confident in challenging requests that don’t look right is key.
Integrated platform: Businesses will fight best against cyber-attacks if they adopt technology that acts seamlessly behind the scenes. This means integrating a smart platform that can take pre-emptive action, with minimal manual effort required from IT or security teams.
While following these steps won’t make you impervious against hackers, it should go a long way towards helping you secure your data from some of the most common cyberattacks we know about today.
If you would like to find out more about security solutions, and how you can help protect your business from the threat of cybercrime contact Brett Hanger.