Protect you and your team today
2,000 cyber attacks are launched every day. Do you know how to defend yourself? Motimate’s new five-part interactive cyber security course arms your workforce with the knowledge to protect your business all-year-round.
Today, cyber attacks are so common they’re best thought of as an inevitability. Being able to defend against attacks has become a necessity.
And while the expertise may come from the IT department, every employee has a role to play on the frontlines. Your cyber security policy needs to involve people at all levels and in all departments, educating and empowering them to keep the workplace secure.
We asked the experts at NorSIS for their advice on how to protect your business from cyber attacks.
Here are six things to get right, right now.
1. Get your security essentials in place
The strongest fortresses have moats and high walls. Big doors, with big locks too. Your cyber defences should be no different.
Some of these will be hardware solutions, like surge protectors and uninterruptible power sources to offer backup if the power supply gets hit. Network devices like routers and wireless access points should be secured too – change those default passwords!
Other solutions will be software-based: firewalls, malware guards, data encryption. Keep all software updated with the latest security patches and operating systems.
2. Know what needs protecting
Hackers are after your valuables. Often this means the data your business holds. So secure it, and back it up.
Identify the data that’s most valuable, and therefore most vulnerable to ransomware attacks, and secure this stuff first. Then repeat for everything else.
You’ll want three copies: one production copy, and a couple of backups. Store each copy in a different place, and make sure at least one of the backups is held offsite and isolated – cloud storage will work for this.
3. Secure the perimeter
Your business has two borders to protect: digital and physical.
Keep your digital perimeter intact with web and email filters that block harmful sites and phishing spears. Empower your staff to be proactive in spotting threats too (more on this later).
Logins are part of the digital perimeter too. A good password policy doesn’t just encourage people to change their password regularly, it ensures they’re setting a strong one each time – and not using the same login for different devices and applications. Avoid shared logins for devices and applications, and introduce multi-factor authentication as standard.
But don’t forget your physical boundary. You can have the best digital defences in the world, but they won’t count for much if someone is able to wander into your office and slot an infected USB stick into an unlocked laptop.
Dispose of old gear safely too, wiping flash drives as well as laptops and phones before they’re sent off for recycling. You never know who might be digging around in the bins…
4. Audit often
You can’t eliminate the chance of attack entirely, but you can (and should!) keep tabs on how your defences are holding up. Keep detailed records of attempted hacks, breaches, and vulnerabilities.
Regular software updates and hardware reviews should already be part of your basic routine. You can add to this with other checks like phishing email tests for employees and refreshers on social engineering techniques.
Hackers are constantly evolving their techniques. Your defences need to match them.
5. Automate what you can
Hacking is a game of scale. Most attackers aren’t pounding out keyboard sequences and declaring “I’m in!” as they breach a tricky firewall. They’re sending out hundreds of thousands of phishing emails or using password crackers to crunch through millions of different username and password combinations. And they only need one to work.
Keeping every angle covered is a near-impossible stretch for even the biggest and best-equipped IT teams. So get help where you can.
Just as physical security systems employ cameras, motion sensors and more, the best cyber defences use automated systems to detect suspicious activity and flag it to be checked – reducing individual workloads, and improving results.
6. Educate staff and create a security-focused culture
Perhaps the most important advice of all: switched-on staff are the best protection against cyber threats you can get.
Most hacks are a result of human error – clicking a dodgy link, or succumbing to social engineering. Educating employees about how to recognise cyber attacks and how to respond can be your best chance at preventing a breach.
A regular, structured education programme will help to instil a security-focused culture. Make learning fun and accessible, empower your employees, and you’ll start seeing benefits immediately.