As technology continues to develop rapidly, so do the opportunities open to cyber-attackers, meaning it is more important than ever for businesses to protect themselves against the threat of a breach. With high-profile cases, such as ongoing security concerns over tech giant Huawei’s international expansion plans, as well as the recent WhatsApp attack which saw hackers enabling surveillance software on users’ devices, it is vital that companies are vigilant and ensure all members of staff are educated on the potential risk.
Our research shows that the vast majority of companies are more exposed to cyber-attacks than they need to be and, although unintentional, it is often their employees that are at the root of the problem. So, here are our top tips for reducing your business’s risk.
Invest in employee training
Your network is only as safe as your most gullible employee. Even the most sophisticated security systems can be compromised by human error, so it is vital that all employees are educated on the risks that cyber-security breaches present. If cyber-security is a particular area of concern for your business, ensure that this is considered as part of your recruitment strategy when hiring for technology-focussed roles.
Store sensitive data in separate locations
By storing sensitive information across several different systems, the impact of an attack on one of your systems is minimised substantially.
Have regular data workflow audits
Data enters your company via many different points, including email, FTP and external memory devices. Identifying all of your company’s entry points and taking steps to secure them is a critical step in avoiding data breaches. At a minimum, businesses should be scanning all incoming and outgoing email attachments for viruses and threats.
Conduct internal and external penetration tests
Internal testing is an invaluable tool but hiring an outside party to attempt to breach your network will help to identify any holes your team has missed.
Ensure your defence is multi-layered
A single layer of defence is not sufficient for the data held by your company. It must be protected by multiple systems working in parallel in order to be truly effective. That way, if one layer is breached your data is not exposed.
Find your weakest security link
Every office will have a weak link, and it varies hugely from company to company – whether this is an employee with their passwords taped to their laptop, or an old, forgotten server. These are exactly what a cyber attacker would be looking for so it’s important that you find them first.
For more information about our cyber security research, along with practical insights from 15 cyber security experts, download our report Cyber Security: How Real is the Threat and How Can You Reduce Your Risk?