Connection to the Internet is a basic business essential – it’s also one of the greatest risks, with constantly evolving threats to cyber security. Once upon a time, a firewall and some good antivirus software were enough to conduct business safely, but now it’s becoming more important to have cyber security skills in-house. While the big end of town is still struggling with cyber maturity – the preparedness to weather a cyber-attack – it’s small to medium businesses who are most exposed to risk. This is your guide to the biggest cyber security threats to business and how you can prepare for them.
Like its namesake, phishing involves casting out bait in an attempt to land a big fish – but in this case, the bait is an email or electronic message and the ‘catch of the day’ is access to your business's computer systems. Once they have access, hackers can introduce ransomware, steal your sensitive data, or siphon money from your accounts.
The first step in combating phishing is training (such as via the masters in cyber security from ECU). Almost every executive around the world agrees that untrained staff are the greatest threat to the cyber security of their business. Employee training at all levels of the organisation is a valuable fortification against cyber threats.
The impact of a phishing attack can also be reduced through the principle of least privilege – a process of restricting access to only the resources required to do a particular job.
A good example is the accounting department, where some staff will have access to payroll while others will have access to accounts. Staff outside the accounting department may have access to expenses and invoices, or they may have no access at all. If a phishing attack on any of these user accounts is successful, the breach will be limited to the resources available to that account.
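The accounting example above can be made concrete as an access policy. The following Python is an added illustration, not code from the article or from ECU: the role names, resource names and user accounts are all constructed for the example. It encodes a default-deny policy (a resource is reachable only if some role explicitly allows it), then asks the question that matters after a successful phish: which resources does a compromised account actually expose?

```python
# Added example (not from the original article): a minimal least-privilege
# access policy for the accounting scenario. Roles, users and resource names
# are constructed for illustration only.

from dataclasses import dataclass, field

# Explicit allow-list: each role maps to the resources it may use.
# Anything not listed here is denied (default deny).
ROLE_PERMISSIONS = {
    "payroll_officer": {"payroll"},
    "accounts_clerk": {"accounts_payable", "accounts_receivable"},
    "staff": {"expenses", "invoices"},
    "contractor": set(),  # no access at all
}

# Every resource the business holds (constructed).
ALL_RESOURCES = frozenset(
    {"payroll", "accounts_payable", "accounts_receivable", "expenses", "invoices"}
)


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)


def permitted_resources(user):
    """Union of every resource the user's roles allow; unknown roles grant nothing."""
    allowed = set()
    for role in user.roles:
        allowed |= ROLE_PERMISSIONS.get(role, set())
    return allowed


def is_allowed(user, resource):
    """Default deny: access is granted only if some role explicitly allows it."""
    return resource in permitted_resources(user)


def blast_radius(user, all_resources=ALL_RESOURCES):
    """Resources exposed if this account is phished, and the fraction of all resources.

    This is what least privilege limits: a compromised clerk account should
    expose the clerk's resources, not payroll.
    """
    exposed = permitted_resources(user) & set(all_resources)
    return exposed, len(exposed) / len(all_resources)


def audit_over_privileged(users, all_resources=ALL_RESOURCES, max_fraction=0.5):
    """Names of accounts whose reach exceeds max_fraction of all resources.

    Accounts that accumulate roles over time are the ones a phishing attack
    turns into a business-wide breach; review them first.
    """
    flagged = []
    for user in users:
        _, fraction = blast_radius(user, all_resources)
        if fraction > max_fraction:
            flagged.append(user.name)
    return flagged


if __name__ == "__main__":
    clerk = User("dana", {"accounts_clerk"})
    admin = User("legacy_admin", {"payroll_officer", "accounts_clerk", "staff"})
    print("clerk can open payroll:", is_allowed(clerk, "payroll"))
    print("clerk blast radius:", blast_radius(clerk))
    print("over-privileged:", audit_over_privileged([clerk, admin]))
```

The audit function is the part worth keeping: run it periodically over your real account list, because roles tend to accumulate, and an account that has quietly gathered every role is the one a single phishing email turns into a business-wide breach.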
Another tactic to counteract phishing is to implement a Bring Your Own Device (BYOD) policy. Rather than inviting employees to bring their own computers, a BYOD policy outlines the ground rules for any device that is not supplied by the business. Access to networks and USB ports can be restricted to company-approved devices that are fully compliant with your cyber security policies.
Ransomware is malicious software, or malware, that takes your data hostage until a ransom is paid to the hacker who sent it. In some instances, it can threaten to publish your data, while in other cases it blocks access to or completely encrypts your data.
Ransomware often finds its way into businesses through phishing. All it requires is one click on a link in a convincing-looking email that takes you to a legitimate-looking website. Without the user even realising, the malware makes its way into the computer system and the cyber threat unfolds. Another, cruder way in is through an email with an attachment that the user is invited to open.
Internet security company Malwarebytes reports that business detections of ransomware increased 200% from the last quarter of 2018 to the first quarter of 2019. As a result, employees are increasingly likely to encounter one of these nasties in their inbox. Again, training staff to be cyber security aware is the first step in combating both phishing and ransomware.
Malware scanning software and antivirus software can also be effective by intercepting a trojan message before it reaches the employee. These programs can quarantine emails, prevent downloads or simply highlight potential threats.
If ransomware still manages to get through, a good recovery plan can still be an effective defence. This requires the maintenance of regular backups in multiple off-site locations – that means backups that are not connected to your computer systems in any way – so that the ransomware cannot reach and encrypt them too. The ransomware may still cost you the time it takes to restore your system from a backup, but it doesn’t have to cost you any more than that.
One of the key principles in network security is to create an impermeable perimeter that separates a business network from the Internet. Firewalls enable this invisible border and allow authorised connections in, while keeping unauthorised approaches out. Maintaining the perimeter requires all parts of the network, and the devices on it, to be secured.
A device may be insecure if the factory-set configuration is not updated on installation. Until recently, a printer connected to a network was simply an endpoint for printing documents. As part of the Internet of Things (IoT), a printer may now also connect automatically to WiFi or to the cloud, where data can be sent in both directions. Updating any new device’s configuration to align with your cyber security policies is essential.
Devices can also become insecure if they miss an update. A few years ago, the personal account details of 83 million customers were stolen from a US bank because one network server was not updated. Like most banks, it had introduced two-factor authentication, where a second unique password is required to log in. Unfortunately, when it rolled out two-factor authentication, one network server was missed, and the hackers found their way in.
It's important to have a cyber security expert in your business
IBM conducts an annual ‘Cost of a Data Breach’ study which in 2018 found the global average cost to be US$3.86 million. Compared to that, the expense of a cyber security expert in your business looks like petty cash!
The fact is, cyber threats are constantly evolving, and today’s cyber security practices could become obsolete with the cyber threat of tomorrow. That’s why cyber security experts are continually scanning the horizon for new cyber challenges and updating defence practices as new threats arise. With a cyber security expert in your business, you can establish a progressive cyber security strategy that is developed specifically for your environment.
Find out more about how to learn the skills you need to protect your business from these threats by studying a Master of Cyber Security.