Two in five UK businesses reported a cyber attack or data breach in the past 12 months. That is according to the latest version of the UK Government's Cyber Security Breaches Survey.
The study suggests that the level of cyber attacks has increased because of the effects of Covid-19. Businesses are finding it harder to implement and manage IT security as employees are working from home.
However, in some cases, the risk is also of our own making. Fewer companies are using security monitoring tools, 35 per cent vs 40 per cent last year.
So with the continued increase threat of cyber attack how can your business improve your IT security? We have highlighted seven ways you can further protect your business and boost your IT security.
MFA and Passwords
Passwords make up the basis of your security. This chart shows the hacking speeds of password formats.
We recommend you aim for the high end of this table and that you prompt your staff to change them every few months.
Of course, you will struggle to remember these new complex passwords so a Password Manager is a great tool for securely storing complex passwords.
Use different passwords for each account or log in, if one account gets hacked and you use the same password then they will have access to all your accounts.
Multi-Factor authentication acts as a fail-safe for passwords. When you login in MFA prompts you to take another action, the most common is to input a code that is sent to your mobile.
It’s a popular fail-safe you will see being used more and more. You can find out more about Multi-Factor authentication here.
Regularly Install updates
60 per cent of organisations that suffered a breach in the last two years had the right patches in place but couldn’t install them in time. That is according to a survey by ServiceNow.
That statistic shows how important these updates are. They are often security updates to fix vulnerabilities that have been identified by hackers.
By failing to install these updates you will leave your business exposed. Companies have struggled to regularly install updates with their staff and their devices away from the workplace.
As more businesses are allowing their staff to use their own devices for work there is a need to have a clear process for making sure any device connecting to your network is regularly installing updates.
Backup your data
Data is so vital to any business. The British Chamber of Commerce has found 93 per cent of companies that lost data for 10 days don’t survive.
With the number of attacks, each business now faces you have to prepare for being hit and a big part of that is backing up your data.
Properly backed up data will help your business recover from a data breach, and the quicker you can recover that data the less damage and disruption is caused to your business.
Antivirus and Malware
83 per cent of data breaches begin with a phishing email the latest Cyber Security Breaches Survey from the Government.
Anti-virus tools will help reduce the number of phishing emails that hit your inboxes. Anti-malware tools will help protect you from the malicious files in phishing emails.
They will also offer protection when employees in your business are using the internet. There are lots of different options for anti-virus and anti-malware tools with a wide range of pricing that will suit any budget.
Conduct annual staff awareness training
As mentioned in the previous point phishing emails are the biggest cause of data breaches. If your employees receive phishing emails and are unable to spot that they are scams, the whole business is at risk.
Similarly, internal errors and data loss are all the result of employees not understanding their IT security obligations.
These are issues that you can’t fix with technological solutions alone. Your business must instead support your IT security efforts by conducting regular staff awareness training.
Training courses should be given to employees during their induction and then repeated annually. Your employees face potential cyber attacks every day so you need to help them understand their vital role in protecting your company.
Regularly review policies and procedures
By creating policies and procedures, companies ensure that employees understand their security obligations and engrain the lessons taught during staff awareness training.
The more technical-minded policies also provide essential assistance for the security solutions offered by IT.
Technology moves quickly and so does cybercrime. You must continue to update your processes and policies to reflect that. With each vulnerability that is discovered you need to update your processes and procedures to cover that fix or change in working.
This is especially important as we continue to work from home or if your business moves to a mix of office and home working.
Cybercrime is a big-money industry. That means that cybercriminals are extremely proactive in their methods. That is why you have to stay informed on the latest trends in IT security.
This is the case even if you outsource your IT security. Although you are not directly looking after your IT security it is the business and the business owner that is ultimately responsible.
Sadly, IT security is never going to be something we can take for granted. Cybercrime has become too big of a business for it to ever go away. So businesses must continue to take their IT security seriously.
Follow these seven tips will help you make quick improvements but to follow protect your business you need to work with IT security experts. Infotech Solutions has been securing our clients for over 20 years.
To find out how we can help with your IT security contact us here, email firstname.lastname@example.org or call us on 01634 52 52 52.