Digitisation has its dark side, and that comes in the form of cyber attacks and threats. Even as we amp up digitisation we also have to boost our cyber security measures.
We hear about cyber security incidents increasing nowadays. Whether it's an individual, a small business or huge corporation, nobody is immune to it. The mentality of "It won't happen to me" is a luxury we cannot afford. It would do us all a world of good to step up on our security measures. And this goes beyond just having one single measure. Perhaps you already have an anti-virus software, but remember, it is like the vaccines for the recent biological virus. They are not foolproof, in some cases, they just make you feel less sick.
Cyber crime is real
Cost of cyber crime is inching towards $10.5 Trillion annually By 2025.
YES. Cyber crime is real. Fans of Black Mirror on Netflix will understand this well. Technology is amazing, and it also has a very dark side if we are not careful. As a business, you need to have best practices for your cyber hygiene. You don't want to be in a situation where you are desperately putting out (virtual) fires because of data breach.
'46 percent of organisations had suffered damage to their reputations and brand value as a result of a breach. Another 19 percent of organisations suffered reputational and brand damage as a result of a third-party security breach or IT system failure.' - Forbes, The Reputational Impact of IT Risk
Your business probably has quite a few social media channels for marketing purposes. Social media's reach is across the entire planet, and they connect your business beyond to other pages, websites, forums, groups etc. All the time, money and effort you spend on the content and design for these sites will go down the drain if the account is compromised. Monitor your channels. It could be a prank where someone impersonates you and uses your business account, but if it's not caught in time it could cause a lot of confusion and generate mistrust.
Three most common cyber attacks
Pronounced 'fishing', this is far from being a peaceful activity. It's when criminals use emails, social media, phone calls or text message to scam people. They pretend to be a trusted organisation and weave a lie to trick you into doing things such as revealing your bank account information, paying fraudulent invoices, or giving them remote access to your computer etc.
Phishing has become more sophisticated over time, so you need to be alert. Beyond emails, have a healthy dose of paranoia if your instincts tell you something is 'phishy' about the messages you receive for urgent requests for money, changing your bank account or checking your login details.
Be on the alert if you receive messages that run on an extreme emotion. It usually sounds urgent and it generates a strong emotion in you to either panic or get your hopes up. It usually sounds like an authority figure, and they promise you things that are simply too good to be true. These criminals do their homework, so they often make the message out to be related to current events to get your attention.
If you think you are experiencing some sort of phishing, do not access the links or contact the said entity. Check against their official websites, contact details etc.
These are the nasty cyber bugs. Call them viruses, spyware, trojans or worms, they eat their way into our confidential and sensitive information such as bank information and passwords. They steal our data or intellectual property, and this can lead to identity theft or fraud. They spy on what we do. If you're not careful, this is where your Evil Twin could emerge.
To protect your business against malware, update your operating system and software applications regularly (just set it to automatic). And always remember to back up your information. Be safe, not sorry.
Nowadays criminals are smart. They don't kidnap children or pets and demand money. That's too much physical work. Nowadays, criminals seize your computer in cyber space, lock it down by encrypting your files until you pay them money to release it.
They get into your devices when you visit unsafe or suspicious websites. If you open links, emails or files from unknown sources, or have little or no security on your servers or devices, you are at risk of such attacks.
The tricky thing about this is, paying the ransom is not a guarantee you'll get your files and information back. Worse still, your data could already be sold for other crimes. The upsetting thing about this is, if unstopped, the crime gets passed on to the next victim.
If you unfortunately experience this, call the 24/7 Hotline on 1300 CYBER1 (1300 292 371). The ACSC encourages victims to report to them via ReportCyber to help protect other Australian businesses.
As with other types of cyber threats, make sure you backup your important data regularly. A few minutes of this ensures good cyber hygiene and and prevents a lot of angst should anything happen. Set your operating systems, software and apps on automatic updates. If multi-factor authentication is available to access services, activate it.
It may be well worth getting the services of an IT professional to audit and secure your devices. The cost of a cyber attack will far outweigh what you pay for prevention.
10 Tips for Good Cyber Hygiene
- Have you installed a reputable antivirus and malware software? This is like the brawny bouncer for your business. He checks for the bugs and baddies and keeps them out. It can automatically and routinely scan your system to make sure everything is nice and clean.
- Do you update your software, programs, apps regularly? Latest updates are important because they have the latest protections. If you can't be one step ahead of the criminals, at least be on par with them.
- Do you have good password practices? They should be complex, changed regularly and avoid using the same password for everything. We know, it takes a bit of brain power to do that, but if taxi drivers in the past knew every single street and alley of the city in their heads and waiters can rattle off every order of every table at the busiest time of the day by sheer memory, then we can all train our brains to remember passwords. (It helps keep the brain young and agile!)
- Do you use multi-factor authentication (MFA)? Sometimes known as two-factor authentication, this is a best practice that gives you an added layer of protection. It just means that apart from your password, you'll be required to perform an additional step to prove you are, well, who you say you are. This could be a unique code sent to your mobile, or a fingerprint recognition. All the fancy stuff you see in science-fiction action movies about scanning retinas etc. is in today's world, becoming a norm.
- Do you back up your data regularly? Seriously, don't leave this to the last minute. It's wise to back up important files offline on an external hard drive or in the cloud...or both! If a hacker gets in to your system and holds your information hostage, you won't go into a panic and pay them to release your data. Because they'll take your money and you'll never see your data again. Don't be a victim.
- Is your hard drive clean? We all feel the frustration of planned obsolescence in so many of our devices nowadays, so we do go through a few laptops, tablets and mobile phones in a space of a few years. Before you sell them or chuck them in the trash, make sure you do a deep clean of these devices before they leave your hands. It's not just about deleting files or data. You need to reformat and wipe the hard drive clean. Remove all software and data from your hard drive. Unfortunately in real life, these things do not self-destruct in 10 seconds. Perhaps in the near future this could be something programmed into our devices!
- Do you know who has access to your programs, apps, platforms etc.? Not everyone on your team is going to use everything, so check who you authorise access to, and limit their access as well. Nobody then gets overwhelmed with having to be careful about so many areas. This is especially important when employees leave the company. Make sure you delete their access.
- Do you train your team about cybersecurity? Give your team regular training on the latest cybersecurity and IT issues. The cyber hygiene of a business is a collective effort and everyone is accountable. This can also be useful to help you draft a disaster recovery plan in the event of a cyber attack. When everyone knows what to do, you avoid panic attacks and blame, and get to the solution immediately to reduce further damage.
- Do you clean up regularly? This means removing data, files, apps that you no longer use or which are not necessary. This helps free up storage and also keeps your cyber space clean. Make sure you delete or uninstall software or apps that you don't need anymore. Technology makes it very tempting to subscribe to every single app out there and the ones we use regularly are just a few. The rest just take up space and provide unnecessary openings to bugs and baddies.
- Do you keep the personal and professional cyber space separate? There is a reason why some businesses provide a laptop and work phone for employees. It helps to keep the business cyber space safe when it is not connected to personal uses. In our personal cyber space, there is a lot less protection and a lot more openings to a variety of programs, apps and platforms. Hackers can find their way through anything. All they need is one single door in.
At Vermilion Pinstripes, we simply love technology, so speak to us if you are not sure about the cyber security of your business. It's a lot more manageable than you think. Here's to good cyber hygiene practices so we can all stay safe, even in cyberspace!
Other interesting topics
About Vermilion Pinstripes
Vermilion Pinstripes is a modern sales marketing and communications agency driven by a singular mission:
To help businesses thrive with confidence.
We harness the power of our collective expertise in business, communications, marketing and technology to help brands achieve their goals. This is through our Modern Marketing framework which guides teams to orchestrate the customer’s journey as one voice, one brand.
We are operating in The Experience Economy today. Workshops are part of our integrated plan to empower experienced B2B business, marketing and communications professionals on their journeys of growth for their brands.
Sales office: AUSTRALIA - Sydney, Port Macquarie, Melbourne and SINGAPORE