In our current world, protection against cybercrime is needed more than ever. Cyber criminals will be using COVID-19 to increase their activities to attack individuals and organisations. The National Cyber Security Centre has reported a rise in online scams exploiting the pandemic with the aim of obtain money from victims. It is critical for organisations to re-assess their data protection practices to cyber security and help protect themselves from experiencing data exposure and breaching GDPR.
Why is cyber security important?
• Damage to IT systems
• Loss or impairment of critical business data
• Loss or compromise of customer data
• Loss of use of customer facing websites
• Damage to brand or reputation and loss of public trust.
The increase in the number of individuals working from home poses even more risk to businesses as they become more reliant on their IT systems and employees often working on their own devices.
What steps can I take to be prepared for a cyber attack?
1. Protect data using strong passwords and encryption. Make sure you avoid using predictable passwords and provide secure storage for passwords.
2. Secure your computer, wireless network and mobile device. Often cyber criminals will gain entry by exploiting your software. To prevent this, ensure you keep all your applications and operating systems up to date.
3. Provide training against cyber treats. Your employees should know your cyber security policies and know how to report suspicious activity. Providing training on these topics should assist employees in reducing the risk of data exposure.
4. Consider having an offline back up. Back up your data regularly in more than one place and do not leave your backup connected to your device when not in use.
5. Understand phishing threats and how to respond. Phishing is a method cyber criminals use to gather information. They often send victims emails with links that will direct you to fraudulent websites, asking you to provide sensitive information. Providing real life examples through training can help employees understand what to look for and how to best deal with them.
6. Create an incident response plan. While cyber security programmes secure an organisations digital assets, an incident response plan provide steps in case a cyber attacks occurs. This will allow organisations to notify impact customers quickly and limit financial and reputational damages.
7. Use multi factor authentication. This adds a layer of security to protect against compromised credentials. Users must confirm their identity by providing extra information when attempting to access networks, e.g. phone number or security code.
What if my business becomes victim to a cyber attack?
Taking these steps can reduce the chances of you becoming a victim of a cyber-attack but it is impossible to eliminate the risk entirely. Cyber Insurance can help your business deal with and recover from any cyber attacks.