From time to time, a big cyber security story will hit the press. Hundreds of firms will have their data held to ransom, thousands of people get their NHS appointments cancelled, or, in some cases, cashpoints start spewing bank notes on street corners.
With these horror stories in the press, businesses go into overdrive to keep their data and their assets safe. In between times, it’s easy to forget and become complacent. However, cyber security isn’t something that can be done once in a while – it needs to be a part of an ongoing effort to ensure your business is robust and resilient in the face of cyber-crime.
According to the Government’s Cyber Security Breach Survey, half of businesses and almost a third of charities report having experienced a cyber security breach or attack in the last 12 months.
For medium businesses, those more attractive to cyber criminals due to their considerable resource, that doesn’t extend so much as to enable them to employ extensive IT teams, around 70% experienced an attack. For larger businesses, the number is even higher, at around 74%.
According to the government survey, the most common cyber threats are relatively unsophisticated. This means that the government recommends basic cyber hygiene measures to protect against cyber attacks.
Cyber security hygiene measures recommended include:
1. Using up-to-date malware protection
Malware providers update their software to combat or identify the latest threats, patch errors or vulnerabilities that may be identified. They may use new techniques or methods to identify red flags, to help organisations spot if they become under attack sooner and respond faster. If you don’t have up to date malware, you’re putting your business at a big disadvantage.
2. Restricting admin rights
By keeping a handle on who has access and how they can access you can reduce the risk of unauthorised access or even just mindless sharing or carelessness.
3. Network firewalls
By having a network firewall, you rigngfence all the content you keep within that firewall, making access from the cloud and lowering the risk of DDoS attacks.
4. Agreed processes for phishing emails
Educating teams is a huge one, and by having an agreed process for phishing emails, you are not only raising awareness and reducing the risk of mindless clicking, you’re also more likely to catch any phishing attempts that go to more than one person within the organisation.
While the number of organisations with these processes in place has increased year on year, there are still businesses that don’t take the basic steps to prevent cyber crime.
It’s not just about the know-how
Advice is available online. Codes such as the government’s 10 Steps to Cyber Security – NCSC.GOV.UK have advice for businesses on how to keep themselves safe. However, as a smaller or medium-sized business, it can be difficult to justify the cost of full time IT specialists on site to run regular updates, backups, roll out upgrades, manage firewalls and keep on top of admin rights. Even if you do, maybe there aren’t enough hours to go around, or maybe there aren’t the skills to deliver against all of the things on the tick list that now comes with keeping the business safe and operating effectively.
That’s why, at ASL Group, we offer IT management services that can keep on top of all these things for you, so you can simply focus on running and growing your business. We have a team of experienced staff at our Network Operations Centre in Milton Keynes who can help you put cyber security hygiene measures in place and manage them on an ongoing basis, so you can reduce your risk of cyber attacks. They can also help you create backup plans to secure longevity and resilience in the event that things do go wrong.
To discuss how we can help reduce your risk of becoming the victim of a cyber attack, or protect your business from online risks moving forward, contact us on 0345 207 7000.
We look forward to talking with you soon.