The pandemic has forced many people to do business from home. Unfortunately, this shift to remote work has also opened up opportunities for hackers.
Cyberattacks have grown by more than 400% since the pandemic began and many of these hackers target small businesses. Small businesses tend to be targeted because many do not have a full IT department to protect themselves.
As we have seen with the recent gas shortage, today’s cybercriminals are becoming more sophisticated and pose more important threats to the economy than ever before. New safeguards are needed to protect consumers and businesses.
Month:Kelvin Collins: How did you celebrate World Password Day?
Cybersecurity is not just about adding layers of security technology. It starts with an understanding of cybersecurity risk management. The Better Business Bureau has developed the five-step approach to improving business cybersecurity to help businesses and consumers do just that.
Step 1: Identify it. Make an inventory of the key technologies you use and find out the information you need to rebuild your infrastructure from scratch. You will inventory the key data you use and store and track potential threats.
Step 2: Protect it. Assess what protective measures you need to take to be as prepared as possible for a cyber incident. Establish protection policies for technologies, data, and users, and ensure that your contracts with the cloud and other technology service providers include the same protections.
Step 3: Detect. Take steps to alert you to current or imminent threats to system integrity, or loss or compromise of data. Train your users to quickly identify and report incidents.
Step 4: Answer. Make and practice an incident response plan to contain an attack or incident and keep business operations short-term.
Step 5: Recovery. Know what to do to return to normal business operations after an incident. Protect your company’s sensitive data and long-term reputation.
Approach your home or office with these five cybersecurity practices in mind:
1. Understand your current state of cybersecurity. You may feel like you have relatively good cybersecurity, but how can you be sure? It is critical to audit your cybersecurity status annually.
2. Train your system users. With the world changing to remote work, it’s essential to recognize how much time you work on personal devices or in external locations. Educated system users are your first line of defense to protect your information.
Hackers understand that untrained users are often the easiest way to get into a system.
The most popular types of cybersecurity scams against employees include:
• impersonating an employee within the organization: usually by finding out their name on social media or on the company’s website.
• Bait with information that seems internal and that the hacker has found online
• Hide malware downloads on email cancel buttons
• Fishing email
• Use keyboard capture techniques to collect passwords
• Internal threats from current or former employees
Get closer to training your users on cybersecurity in a smart way. If you simply send an article to your computer describing the importance of cybersecurity, you may not get their full attention. Don’t just force tutorials or conduct training sessions on other people without any explanation.
Instead, make them understand the potential impact of these attacks and how vital their control is. Giving your team information about the dangers present will help them understand why you should worry about cybersecurity.
3. Back up important information. It can be devastating for a company to lose critical financial records, customer data, planning documentation or proprietary information. Some cyber attacks not only steal data, but also clean up and shut down systems. This is a situation from which it is almost impossible to recover.
To avoid this, you should back up all your information frequently. If possible, use a system that automatically backs up your data to a cloud. If this option cannot be made, be sure to back up your data at least twice a week.
4. Update systems. No one dreams of system updates. However, you need to understand why system updates are essential and should be done immediately.
Operating systems have built-in features to help reduce the threat of a cyberattack. However, as the world of cyber threats changes continuously, operating system manufacturers are posting updates to keep up with the changing landscape. These updates are to protect your system, and each time you delay an update, you increase your risk.
5. Password authentication. Two-factor authentication requires users to verify their identity with a secondary device in a short period of time. The process essentially functions as an additional barrier to entry. Someone may be able to find out your password; it is much less likely that someone will know your password while you have your cell phone.
If you think your smart, capable computer doesn’t need two-factor authentication, think again. People hate forgetting their passwords and want to easily access their accounts. Unfortunately, this usually manifests itself in the types of passwords they choose. The two most common passwords of 2020 were 123456 and 123456789. Not so secure.
Two-step authentication can help your employees keep their accounts secure.
The risks of poor cybersecurity are too high. By implementing these five cybersecurity practices, you help protect your home and business. You can choose to ignore your cybersecurity, but that doesn’t mean hackers ignore you. Be proactive and make sure you take your cybersecurity seriously.
Read more at BBB.org/Cybersecurity.
Kelvin Collins is president and CEO of the Better Business Bureau serving the Fall Line corridor, which includes the Augusta-Aiken metropolitan area. Direct questions or complaints about a specific company or charity at (800) 763-4222 or email@example.com.