Well, it’s 2020, and it’s safe to assume that we’ll all be drinking less, hitting the gym, calling our parents more often and finishing that book we’ve been threatening to write. Yep, those New Year resolutions are back in force (for now, anyway) and we’re ready to knock 2020 out of the park.
Yet, as a nation, there’s still plenty of cyber security stumbles we’re failing to address and falling for time and time again.
Time to polish off those lists – we’re adding a few cyber security resolutions, so your business IT enjoys the same success next year, as your slimmer, fitter self.
Don’t Assume You’re Safe
As detailed in our recent Sofa Time video with Adon of Mimecast, there’s an attitude among smaller businesses that they’re unlikely to be targeted by cyber criminals. The opposite is in fact true; smaller businesses front the largest of the UK’s cyber crime costs, paying £13.6 billion of the nation’s £17 billion in 2018. Complacency among smaller businesses is exactly what allows these cyber attacks to thrive, and so long as companies continue to assume that there’s nothing on their servers of value, criminals will continue to prove otherwise.
Educate Your Staff – and Yourself
Nearly half of all UK businesses were hit by phishing attacks in 2019, but a basic, human-error security blunder is 7 times more likely to scupper a company’s data security than a phishing attempt. That’s why it’s important to familiarise yourself and your teams with modern threats to security. Make the most of regular phishing training. It may not be the newest training technique, but it’s now more effective and more relevant than ever, not least for the small to medium-sized business.
There’s also that 4-letter acronym in the room: GDPR. If employees continue to fall for the pitfalls of phishing emails, it’s safe to assume that this new data law – introduced just over one year ago – is yet to become a common consideration. Unsecured URLs containing personal details have been the reason behind numerous easily-avoidable breaches, as has simply forgetting to apply BCC (Blind Carbon Copy) to mass email campaigns, exposing the personal details of thousands of users. Both constitute a breach of GDPR, and both could easily have been avoided by making people more aware and more cautious of their data security responsibilities.
Tread Carefully Through the Internet of Things
The Internet of Things, or IoT, is equal parts an exciting technological future and a hotbed of disasters waiting to happen. With ultra-fast 5G making it easier not only to connect our personal devices, but keep consistently fast connections even when not connected to WiFi, public spaces are set to become a buffet for the clandestine hacker.
Yet this doesn’t make WiFi any more secure either. Smart devices such as fridges, kettles, Echoes and Dots might make your home and office much more convenient, but each creates another gap in your cyber security that you’ll need to plug sufficiently. One need look no further than the North American Casino heist that was committed via a fish tank to understand the vulnerabilities of smart devices.
Don’t get us wrong- the IoT provides us with some incredible possibilities. But amidst all that excitement it might be worth stepping back, assessing how much you really need an internet-enabled toaster, and using only your most pertinent devices under first-class security measures.
We’re being neither subtle nor subliminal here; your cyber security spending should go up. Now, I get it; that sounds a little bit rich coming from a company who stands to profit from your security spending, so we’ll investigate how better to consolidate those expenses.
The Cloud’s an excellent place to start. Despite the concerns, cloud remains a safer alternative than locally stored data, protected not only by your security solutions but the service provider’s too. With so many hardware and software solutions moving to cloud-powered services, there’s also plenty of money to be saved by investing in them. Software as a Service, such as Microsoft Office 365, relies on a subscription-based service that’s budgeted to your company capacity, and is protected by Microsoft’s own cloud encryption. Moving to a VoIP telephony system, meanwhile, eliminates the overheads of your on-premises telephone exchange and line rental costs; all you pay for is the service, with your internet subscription covering for the connection.
The Cyber Security skills gap is widening, making it more important than ever to change the way we learn, teach and tackle our cyber security requirements. Start the year with these tips in mind, however, and you’ll be well on your way to closing the gaps in your company’s security.
Mirus are here to help. Whether training your teams, implementing our award-winning cyber security solutions, assisting you to become Cyber Essentials secure or moving you safely and swiftly to the cloud, we’ve everything you need for complete, cost-effective protection.
Call us today for a FREE Cyber Security Health Check, delivered with no obligation.
Would Your Teams Spot a Phishing Email?
Book a FREE Phishing Test and Training for up to 50 of your users, and see how strong your first line of defense is.