In recent years, small and medium businesses (SMBs) have increasingly become the focus of cyber attacks. Over 53% of businesses across the world have experienced a cyber security attack, as revealed in the 2018 Cisco Cyber Security Benchmark Study. Of those businesses, 20% claim attacks have cost them more than US$1 million in economic loss — an amount significant enough to put some SMBs out of business.
We know attackers are evolving and adapting their techniques faster than defenders, but there are a few simple steps business owners and managers can put in place to protect their business against cyber security attacks.
1. Monitor your website traffic on a regular basis
Each time someone visits a business website, either via laptop, computer or mobile, a digital footprint, also known as an IP address, is left behind. For a business, suspicious website activity consists of a large amount of traffic from one particular IP address, especially if that traffic is over a short period of time.
Monitoring your website traffic effectively using a DNS monitoring service will not only allow you to track IP addresses, and highlight unusual activity, but also enable you to block any suspicious activity.
This is one way to monitor who visits your site and identify potential patterns that may help you stay one step ahead of the attackers.
2. Accept your system updates
It’s so easy to hit ‘remind me later’ when software and security updates pop-up on your screen, especially if you’re in the middle of a complex task, however, in doing so, you’re leaving your system vulnerable to attacks.
The Australian Cyber Security Centre states it can take as little as 48 hours for a cyber criminal to release malicious bug into your system, so if you’re not accepting software updates you may make yourself vulnerable to an attack sooner than you think.
Accepting all the auto-update capabilities as soon as they appear on your computer is an effective way of ensuring you stay protected. When you consider that a cyber attack on your system on average leads to eight hours of downtime, a few minutes to install and download new software is nothing in comparison.
3. Get creative with your passwords
According to SplashData, ‘123456’ has been the most common password for the last five years running, with ‘password’ in second place. Creating complex passwords that are unique to each site and application is another way to strengthen cyber security across your business. Using a series of upper and lower case letters as well as symbols is one way to make passwords slightly more complicated to crack. Remembering many different passwords can be a challenge, so a password manager application is an option.
4. Introduce multi-factor authentication
Introducing multi-factor authentication is a great way for businesses to provide yet another security layer to their system in addition to a password. The benefit of this is there is still another security layer for the criminals to get through, should the unfortunate happen and your password is breached.
Multi-factor authentication with a zero-trust solution is a great way to stay secure by verifying the identity of users and the health of their devices before providing access to applications.
Cloud solutions also provide an effective security option that is open, automated and simple to set up, providing a first line of defence in protecting all your internet-facing applications. With people working more mobile and connecting from multiple locations, these tools help block threats by understanding internet activity patterns, which identifies risks.
In addition to the above, finding out more about how you can protect your personal and professional devices is key, such as reading up on cyber hygiene. With the cyber security environment changing all the time, understanding where the threats are and how you can protect yourself is important.
When it comes to cyber security, there is no ‘silver bullet’. However, implementing and practising these measures will help will provide an important first line of security defence for your business, making it harder, and more complicated, for criminals to enter your network.