Stranger Danger: Cybersecurity Best Practices
Stranger Danger
I’m sure all of us when were younger were taught Stranger Danger. We needed to be cautious of any strangers we met while walking to and from school or in any new places. Today, the strangers that some of us fear the most are of the cyber kind. They can steal our livelihood, identity and more with a few clicks.
Businesses are becoming victims of this Stranger Danger every day. Cyber crime rose by over 600% during the pandemic. It is estimated by 2025, the cost of cybercrime worldwide for companies will be $10.5 trillion. Unfortunately the pandemic amplified cybercrime due to the uncertainty around remote working and how to protect your business.
Many businesses are not prepared for cyber attacks and do not educate their employees on best practices to help prevent these attacks from happening. The month of October celebrates cybersecurity awareness. Education is the one of the biggest tools going forward to fight the Cyber Stranger.
Current State of CyberSecurity
There are some staggering stats surrounding businesses today and the safety of their data. The numbers are only increasing as new threats appear and businesses do not offer the appropriate resources to combat this problem.
A study by Accenture reports that 43% of cyber attacks target small businesses, and under a sixth are equipped to prevent those attacks.
On average, it takes a company 197 days to discover a cybersecurity breach. Needless to say, the longer it takes to discover a security breach, the more a company’s reputation and assets suffer.
A few more stats:
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Common Types of Cyber Attacks
64% of companies worldwide have experienced at least one form of cyber attack in the past year. What are the most common ones that businesses and their employees see?
- Phishing: A type of online scam that involves sending an email or other virtual communication impersonating a source that would usually be seen as reputable, such as a bank or an internet service provider. 91% of all cyber attacks start with a phishing email.
- Malware: Malicious software that gets downloaded onto devices without one’s consent. It causes devices to crash or can allow hackers to view computer activity, access files, and steal information. 27% of malware infections originate from infected USBs.
- Man-in-the-middle (MITM) attack: This occurs when a user intercepts communication between two people, or between one person and a machine. For example, a hacker might guide a user into a fraudulent site that appears to be the user’s bank’s website to collect their data. According to Netcraft, 95% of HTTPS servers are vulnerable to these attacks.
CyberSecurity Best Practices
A recent survey found that 61 percent of employees failed a basic quiz on cybersecurity fundamentals. With the average company spending only 5 percent of its IT budget on employee training, it’s clear that education is an opportunity for many organizations in the future.
Here are just a few best practices to follow:
- Avoid Pop-ups, unknown emails and links: Malware infections are among the most common cybersecurity threats organizations face. Having up-to-date virus scan and spam detection software is a great safety net, but it’s also critical that all users are trained to understand the dangers of clicking on unusual links, pop-ups or emails.
- Use strong password protection and authentication: It’s important to require all users to create strong, difficult-to-guess passwords and credentials for their accounts and change them often. Consider multifactor authentication (MFA), which requires an additional token of identifying code to access systems. 63% of data breaches result from week or stolen passwords.
- Enable firewall protection at work and at home: Firewalls are important gatekeepers, restricting traffic in, out or within a private home or business network.
- Back up data: Regularly backing up critical data is key to defeating ransomware and to business continuity in general.
- Control physical access: Preventing access or use of desktops, laptops and mobile devices should be a high priority as these can be easily stolen or lost. Make sure such devices are set to lock when unattended and grant only limited administrative privileges for such hardware.
- Minimize data transfers: Be mindful of how many devices contain important data and try to make transfers as minimally as possible.
- Verify download sources: Before making any downloads, scan the website you’re downloading from to ensure that it’s verified, and only click on legitimate download links.
- Keep software updated: Update software whenever updates are available is a great way to protect against cyber attacks.
- Encrypt where possible: Encryption tools can be used to protect data from unwanted individuals. When encryption isn’t possible, password protection is a great alternative. Be sure to choose passwords with a mix of letters, numbers, and characters, and to update your passwords regularly.
- User activity monitoring and behavior analytics: This can give insights on when there is suspicious activity around your data. These tools can help you prevent data theft in real-time.
- Practice robust and continuous employee awareness programs: Even with the best technology in place, human error is often the weakest link. Constant education programs is the most important best practice when it comes to cyber resilience. Human error is responsible for 90% of all security breaches.
What Will You Do Next?
Cyber threats are not going away and will continue to be a major concern for all businesses no matter the size. Contact Zunesis to find out how our solutions can provide extra protection. Reach out to find out about our assessments which may discover holes in your current IT environment.
Want to find out how knowledgeable your employees are on the topic of cyber security? Take this quiz from the Cyber Readiness Institute to find out how cyber ready they are.
Categories
Search
Blog Categories
Related Resources
Archives
- April 2024
- March 2024
- January 2024
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- October 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- March 2016
- February 2016
- January 2016
- December 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2014
- February 2013
