Now here is a hot topic and I honestly don’t see it changing any time soon, if ever.
The biggest threat to your business is the threat of a cyberattack, every business is a target and with organized crime organisations driving the increasing events of cyber-attack it is not going to go away.
In a recent ACSC Survey, it is estimated that over $300 million is lost to cybercrime every year, the true figure is likely to be much higher as many crimes are not reported.
Someone is a victim of Cybercrime at least every 10 minutes.
So, who are these victims?
In the survey, it covers sole traders to businesses that employ up to 200 people, the attacks are across the board, and no one is too small or too big to be targeted, don’t think that we don’t turn over enough to be a target, regardless of your business income whether it is less than $50k a year or several million dollars you are still on the radar to be attacked.
That the facts and figures but it’s ok it won’t happen to me, sorry but if that is how you think it’s time to wake up.
Here are some common fallacies:
We have a good firewall, no one can get into our systems
It’s ok, all my programs are in the cloud I don’t have to worry
We don’t need to worry we are too small
My anti-virus will stop it
To these I would say, firewalls are great, but most cyberattacks are made against people, not systems (firewalls), the attackers know that firewalls are almost impossible to get through, but people are easy to trick and will often give access to systems without realizing the threat.
If all your programs are in the cloud all an attacker needs to get is your username and password, I know you are careful but again the person is the weakest link.
No one is too small, just look at the statistics, if you have something of value you are a target.
Your antivirus will not stop you from inadvertently giving away your details, email phishing attacks are used, and unfortunately, they work far too often.
Be aware that we are constantly being tested or attacked with phishing emails, these are trying to get you to give a threat agent your user name and password, so any email that you receive that is asking you to enter your user details needs to be treated with care if you don’t know the sender I would just delete it if it’s genuine the sender will be back in touch (so far this has never happened for me). Also, consider two-factor authentication for your emails, it just gives another layer of security.
Oh, and it’s not just the phishing emails, it’s the constant bombardment of phone calls, you know the ones “I’m ringing from Microsoft, there is a problem with your computer give me access to fix it” NO STOP, do not let them in, Microsoft will not call you unless you have called them first.
Yes, you have backups, but they are only useful if you can restore from them, if you back up to a drive connected to your computer this is there only to make you feel good, in reality, if your computer gets infected with a ransomware attack it will encrypt the backup drive too. Backups that are either on a network file store that requires authentication or some form of off-site solution are better.
The real secret is to trust no one, if you have an issue with your computers, you choose who helps you to fix the problem, make sure it is someone that you trust and has your best interests at heart.
Most businesses have little or no budget for Cyber Security, yet it is most probably the biggest threat to the future of your business. Make sure you are getting the correct advice on what you should be doing to protect your business, don’t just do what “old mate” at the pub reckons you should do.
If you suffer a cyberattack the likelihood, is you will suffer a financial loss that could end your business, if you survive the attack and can continue to trade you may have lost both business reputation and standing. You are also five times more likely to suffer another cyber-attack after you have suffered one.