2 minute read
Cybercrime
everything they can to reduce the likelihood of falling victim to an attack in the first place.
Won’t my IT company do all of this for me?
Advertisement
Many businesses outsource their computer and IT functions to outside companies – some will be able to assist with elements of cyber security, such as updating software patches and maintaining firewalls. But the ultimate responsibility on protecting your data and keeping your staff informed on current cyber trends will usually rest within your own company. If one of your staff accidentally or maliciously causes a breach in the network, that will sit with the directors, partners, and owners of the business. And many IT firms don’t possess the skills or experience to deal with a live or ongoing cyber incident. So, ask yourself a simple question. Do you know what you’d do if your network was attacked tomorrow morning? If you don’t know or aren’t sure you need to do something now.
What should I do now to protect my business?
• Ensure that you have Multi Factor Authentication (MFA) enabled as they are incredibly useful in protecting your systems, accounts and devices. A cybercriminal may be able to crack your username or password, but they do not have your fingerprint, Face ID or your mobile phone to authorise a log in attempt on a mobile authenticator app.
• Using passwords to protect your data – change your default passwords, avoid reused, guessable or predictable passwords. If your staff have a lot of passwords to remember, consider getting an enterprise password manager so they only have to remember one and the password manager generates and remembers the rest – saying goodbye to reused passwords.
• Make sure you have offline backups for your company data - Identify what data you need to back up and keep your backup separate from your organisational network.
• See what passwords you and your staff have which have already appeared in data breaches and change them as soon as possible Haveibeenpwnded.com is a free and legit website where you can enter your email address and telephone number to see if your information has been captured in a data breach. You can also register your email address or domain and get notified if it appears in another breach.
How can the ECRC help your business?
The Eastern Cyber Resilience Centre (ECRC) is a policing-led Home Office funded company established to help small and medium organisations tackle the rising threat of cyber-attacks. We offer FREE core membership that provides practical advice on building your cyber resilience, including:
• Free Little Steps training programme: A series of weekly emails, looking at bite-sized practical information to help businesses understand and build cyber resilience
• Regional and national threat alerts
• Signposting to free tools and resources from both policing and the National Cyber Security Centre
• We work with dedicated policing resources in your county that can provide cyber guidance and tools free of charge.
