3 minute read
Cybersecurity awareness is critical for every size business
BizIQ A MONTHLY COLUMN OF BUSINESS INSIGHTS FROM CENTRAL KENTUCKY PROFESSIONALS
BY ERIC DEL VALLE
CONTRIBUTING WRITER
One of our customers said it best: “IT is one of those things that, when it’s working, you don’t notice it; you don’t think about it. But when it doesn’t work, that’s when it becomes a pain point in your business and can be the root cause of a lot of frustration.”
Lexington isn’t known as a town that was hit with a significant security breach, and hopefully, it never will be. Unfortunately, cybersecurity is typically a reactive solution business owners make after observing the threat of an actual attack. The most common misconception business owners have about their network is that their company is too small to be a target when, in fact, 71 percent of cyberattacks occur at businesses with fewer than 100 employees.
Cybercriminals target small businesses because they know they are less likely to have the proper solutions in place to prevent such an attack. A company’s size and location are not relevant to a cybercriminal, but sensitive data like employee social security numbers or direct deposit information is.
Why your employees are your weakest link.
All types of a business’ information can be found online — from the “our team” page of the business’ website to employees’ personal LinkedIn or other social pages. These details make it easier for hackers to use social engineering to target the weakest link in your cyber defense: your employees. Cybercriminals use sophisticated means to disguise emails so they appear to be from a safe source, such as from the company CEO. These emails often contain links to malicious websites to collect personal and company information or to infect your computer with malware and/or other viruses.
Human error accounts for 95 percent of all cybersecurity breaches, usually due to a lack of a proactive approach to cybersecurity. While technology can filter most threats, it will never eliminate everything from reaching employees.
Improving cybersecurity awareness.
Identifying a cyber threat is more di cult for a human than automated technological defenses. However, empowering your employees to look for and recognize common cyber threats is the first step to improving your security.
The entire organization — from reception to the c-level suites — is responsible for cybersecurity. Security awareness training teaches employees to understand the vulnerabilities and threats to business operations, plus the consequences for the company if they are careless about security.
What can I do on my own?
The threat landscape is constantly changing. Antivirus protection from last year will not protect your network from viruses that are created today. To provide an extra layer of security for your network, follow these simple tips: • Keep software up to date. Work with your IT team to initiate automatic updates for your operating system and install software patches when necessary. • Utilize strong passwords. The more complex the password — utilizing uppercase and lowercase letters, numbers and symbols — the more protected your computer will be. Do not use the same password for more than one program. • Two-factor authentication. Two-factor authentication requires a secondary device or program to access a user’s account. • Cybersecurity awareness training. Mandatory training to recognize threats will decrease your risk of an attack. • Antivirus protection. O ering comprehensive threat protection, antivirus is necessary to safeguard your computer against known viruses and all sorts of malware, such as ransomware, Trojan horses, spyware, adware, identity theft and more.
It’s essential to have a plan. Assume you’ve been breached, then work with your team to determine what you would do if your systems became unattainable. The single most e ective way to protect your business from data loss is to consistently back up your data to the cloud. Not only will you have another copy safely stored in case of a breach, but cloud storage enables you to access your documents anytime, anywhere.
As an organization, you must be right with your defense strategy every single time. But unfortunately, the cybercriminal only has to get it right once. So, make your plan, take action, close your vulnerabilities, and you’ll be a step closer to protecting your employees, your customers and your network data. BL
Eric Del Valle is the business development manager for 46Solutions in Lexington. Here, he shares ideas on protecting your business from its greatest threat: cybercriminals. For more information on cybersecurity awareness training for your team or help to develop a defense plan for your network, contact Eric at 859-788-4600.
