Cybersecurity breaches are everywhere and are costly to any organisation. Cyber criminals are not selective, it can happen to anyone, so you cannot ignore the fact that it could happen to your organisation without notice.
It is important for businesses to understand the current types of threats, and how cybersecurity tools can assist you to handle and mitigate a cyber-attack.
What is the risk?
A cyber-attack can have a devastating impact on your business including:
The average cost of a cybercrime reported to the Australian Cyber Security Centre (ACSC) ranges from $39,000 to $88,000.
Attacks come in many forms including, but definitely not limited to social media, emails, phone calls, and there is no way to know how or when your business may be exposed.
How can you identify and mitigate the risk?
Being prepared for a potential cyber-attack is paramount. Protecting your digital environment is a complex and an ongoing process. It requires a combination of technical measures, policies and user awareness, not just now but on-going.
Implementing a good foundation of measures will help to mitigate your risk of cyber-attacks. These may include:
Multi-Factor Authentication (MFA).
MFA adds an additional layer of security as it requires two or more pieces of information to login. Manage your business shared accounts with MFA and keep a list of staff who have access. Ideally, each staff member should have their own account login that can be easily removed should they leave.
Use strong passphrases and password managers.
Passphrases are passwords that use four or more random words and never use the same password for different accounts. Consider using a password manager to help generate or store secure and unique passphrases.
Set up and maintain access controls.
Use access controls to provide the required level of access for staff to perform their work, and revoke access when they leave the business.
Update your devices regularly.
Turn on automatic updates for your devices and software.This ensures you have the latest security in place as often software updates fix any security flaws in the operating system and software.
Back up your files.
Safeguard your data by having your important files backed up.Having digital backup copies of information makes for easier and faster recovery.There are many backup methods that are available in the market, it is best practice to choose the one that’s right for your business.
Use antivirus and ransomware software to scan and eliminate suspicious files. Ensure your documents are encrypted at rest and in transit.
Use secure networks and external services.
Outsource services such as a Remote Desktop or use an online or cloud-based service that offers built in security. When using cloud services, find out if your data is stored locally or overseas – it is more secure and easy to recover if stored locally.
Educate staff about cyber-security.
Making sure your staff are aware of the risks of a cyber-attack and how they can be prepared can mean the difference between almost being attacked and responding to a breach.
Erase data on devices before selling or disposing. Do this by completing a factory reset.
Keep devices locked and physically secure just like you would in your home.
Know your responsibilities.
Know what your responsibilities are under the Privacy Act.Understand what data your business holds and find out who are the custodians of the data you’re capturing for business purposes.
Be prepared.
Consider appropriate insurances which can cover your business in case of breaches.
Make a cyber-attack emergency plan - every minute counts when under cyber-attack.Having a crisis management business to work with in times of need can make or break your companies response to a cyber-crisis.
Stay informed to latest threats by registering your business with the ACSC Partnership program.
How can a Moore advisor help?
Cybersecurity is a constantly evolving landscape and there are new threats constantly emerging. Regular assessment and update of security measures to adapt to new challenges and technologies including collaboration with cybersecurity experts and staying informed about latest trends and threats is your best protection.
Our advisors offer tailored cybersecurity solutions to businesses of all sizes, from start-up to large corporations. Contact your local Moore Australia advisor today to discover how your business can benefit.