Cyber security breaches are now impacting businesses and individuals in such great numbers that barely a week goes past without a front page highlighting it in some respect. Organised criminal gangs are using an effective blend of both basic and highly sophisticated methods to gain access to sensitive data and make money from it.
Personal losses in these attacks have never been higher. Private and sensitive data has been stolen and released en masse to the general public, creating embarrassment and damage to individuals’ profiles, company brands and investor confidence.
Cybercrime, by its very nature, is multifaceted. Highly organized groups leave very little chance for the unprepared to secure themselves without help from cyber security specialists. However, here are five simple things you can do to significantly reduce your risk:
1. Become more aware – Invest in accredited cyber awareness training. Learn about the threats specific to you, the risks and mitigation methods from the cyber threat. Good cyber security is not rocket science, it is about understanding it and treating it like any other business risk and awareness is the first step.
2. Long live Passphrases and 2FA – Passphrases should be a minimum of 14 characters, tricky to guess and never reused. This is easier than it sounds! There are excellent, secure password managers out there that only need you to remember one passphrase. You can see how some passphrases are better than others at Password Tester.
You should also use 2 Factor Authentication (2FA) on every service that allows it. 2FA requires something you know (password) and something you own (random number) to log in to an account. So if someone else gets your password, they still cannot get in. This would have stopped nearly all of the celebrity iCloud hacks in 2012.
3. Not-so-social media – Think carefully about what you do and do not put online. This extends to your family, friends and support staff. We have been able to pinpoint our clients’ locations while on holiday from the photos their children posted online.
More can be gleaned from social media than most realise, by using a number of sources, criminals (and competitors) can gain an idea of what you are doing, or where you are going, very simply. Do not forget, LinkedIn is just Facebook in a suit.
4. Secure your connection – Use a VPN whenever you are away from home or the office on your business and personal devices. Consider complimentary wireless internet services as a hostile environment. Hotels, cafes and restaurant wireless networks are like watering holes in the Serengeti to cyber criminals – a good place to hunt. A Virtual Private Network or VPN can solve this problem. It provides a “secure tunnel: that your data can use to get to its destination that others cannot “see” into. Options are available for as little as GBP 40 per year, and can be used on all your devices.
5. Have a plan – Suffering a breach is not if but when. However, you can have a plan for when it happens. What is your most sensitive data/systems? Where are your backups and how current are they? What do you need to do to get back to business as usual and in what timeframe? Who are you going to call when you need specialist help?