Did you know, in the last year, 43% of businesses identified a cyber security breach within their organisation. The average cost of a data breach for SMEs in the UK is a hefty £16.1k!
You’ve probably heard of the term cyber security, but if you’re not 100% sure what it is and how it can affect your business, then read on!
What is cyber security?
Cyber security is the steps that organisations take to reduce the risk of becoming a victim of cyber attacks. The purpose of cyber security is to protect the sensitive information and the everyday devices we all use, including smartphones, laptops, tablets, and computers, from digital attacks.
Every single time we access services online, we’re instantly putting our data at risk from theft or damage. Imagine all the personal information that you store on your work devices and online. Cyber security is about preventing unauthorised access to this highly sensitive personal information.
It’s difficult to think how we’d function without these devices because they’re so engrained in our everyday lives. But with that, it’s easy to become complacent. Every online action you do from accessing your emails to online shopping puts you at risk. It’s vital to take key steps to prevent cyber criminals getting hold of your data, devices, and accounts.
Want to protect your organisation from cyber attacks?
A great starting point is to consider how cyber attacks work. When you understand that, you can think of ways to prevent the risks. The National Cyber Security Centre is a great source of helpful information. They mention that in general cyber attacks have four stages:
The four stages are:
Survey – investigate and analyse available information about the target to identify potential vulnerabilities
Delivery – get to the point in a system where you have an initial foothold in that system
Breach – exploit the vulnerabilities to gain some form of unauthorised access
Affect – carry out activities within a system that achieve the attacker’s goal
Defending against cyber attacks needs to be layered and include a range of measures including technology solutions, user education and effective policies. Here’re some examples of defences that will help your organisation to combat common cyber attacks.
Take a methodological approach
Most attacks are still based on well-known techniques, such as phishing emails. Some threats can be very sophisticated, using advanced methods to break into extremely well defended networks. Attacks often start with the simplest and cheapest option, to prevent being caught. Senior executives or stakeholders in organisations are often the target of cyber attacks, because of their access to valuable assets (usually money and information) and also their influence within the business.
Protect your IT accounts
Attackers may try and directly target your IT accounts, or they may try and impersonate you by using a convincing looking fake email address. Once they can impersonate you, a typical next step is to send requests to transfer money. These attacks are low cost and often successful as they exploit the reluctance of staff to challenge a non-standard request from usually someone higher up in the organisation.
Any organisation could be impacted
If you’re connected to the internet, then you are exposed to being a cyber victim. Every organisation, including yours, will have value to an attacker, even if that is simply the money you might pay in a ransomware attack. Having good cyber security awareness throughout your business, security policies that are fit for purpose and easy reporting processes will all help to reduce this risk. You should also consider how information about your team that is publicly available could assist an attacker who is trying to impersonate you.