It is time to get serious. Is your business making these cyber security mistakes?

Every day we are getting warnings about threats to our cyber security. There is a reason why.?

Last year, ransomware attacks affected 81% of businesses. It is estimated that the cost of cyber-crime is going to hit $10,5 trillion by 2025 according to the 2022 Cybersecurity Almanac.?

It is time to get serious. We cannot afford to adopt a “wait and see” attitude.?

If your business becomes a victim of a cyber-attack, it will not only be your important data that is lost. It could potentially cost you tens of thousands of dollars in remediation or mitigation fees.?

In addition to the money involved, you will also experience weeks of downtime and unproductivity. The average downtime being 21 days (about 3 weeks) during a cyber-attack. Could your business survive a shutdown like this??

So, how does your business get serious about cyber security? It is important to take certain precautions to keep your data safe and secure.??

Having a layered approach to your security measures will protect your business in the best conceivable way. This is where several solutions are used, which work together to give you a level of protection appropriate to your business, reducing your risk of attack and making recovery easier should you fall victim.?

It is worth pointing out that you will never be able to keep your business 100% protected from cyber-attacks. Not without totally locking down every system, to the point where it would be exceedingly difficult and frustrating to do business (and your staff would constantly be looking for ways around the enhanced security).?

Finding the right balance with being as secure as possible and still being able to function in our businesses is the key to cyber security.??

There are three mistakes that many businesses make regarding cyber security, and they are also the most dangerous.??

Is your business making any of these??

• Not restricting access?

Not all employees are alike. There are diverse needs regarding access to company files and applications, depending on the job role. Allowing everyone to have access to all business data and functions will open more opportunities for cyber criminals.??

Restricting access protects you. Also, it is important to change access rights when someone changes job roles and revoke these rights when they leave.??

• Allowing lateral movement?

If cyber criminals gain access to a computer used by a member of your admin team, that might not be a disaster.?

But what if they could move from your admin system to your invoicing system… and from there to your CRM… and then into someone’s email account??

This is known as lateral movement. The criminals gain access to one system and work their way into more sensitive systems.?

If they can get into the email of someone who has admin rights to other systems or even the company bank account, they can start resetting passwords and locking out other people, including you, the business owner.??

One strategy against this is called air gapping. It means that there is no direct access from one part of your network to another.??

• Not planning and protecting?

Businesses that have a good working relationship with their IT partners who prepare and plan for protection are less likely to be attacked in the first place.??

However, if they are, then having a detailed plan of action will alleviate the pain. If attacks are caught early then, there will be less downtime and less headache trying to recover data.?

If you know you are making one (two, or even three) of these mistakes in your business, you need to act quickly. We can help.?

Call us, and we will review your current security arrangements.