Inexpensive Ways to Protect Your Organization Against Cyberattacks
Large corporations are not the only targets of cyberattacks today. Mid-size and smaller entities are increasingly becoming victims of attacks. According to the Verizon 2019 Data Breach Investigations Report, 43 percent of data breaches involved small business victims. Sixteen percent of those breaches were of public sector entities. Unfortunately, cybersecurity often moves down the priority list for businesses due to common challenges like budget constraints and lack of education. However, protecting your organization against cyberattacks doesn’t have to be a cost-prohibitive endeavor.
Consider some of these cost-effective steps to strengthen your organization’s cybersecurity defenses and proactively protect your business:
- Secure your hardware. Take inventory of your hardware and software and boot off unknown devices and users. Many businesses don’t know what’s on their networks. Ensure all devices are protected with secure passwords and that those passwords aren’t available in an easily accessible place.
- Know your strengths and weaknesses. Any time a network changes, organizations face the possibility of introducing new risks to their systems. Adding a router, replacing a server or implementing new software can create possible cyber vulnerabilities. It’s important to perform periodic risk assessments to identify areas of weakness, develop incident response plans, and keep those plans current by revisiting risk assessments whenever networks change.
- Take control. Look for a privacy-focused Domain Name System (DNS) provider and consider using ad blockers on web browsers. Doing so helps prevent users from clicking bad links. Make sure your applications are set to auto-update or implement a process to install security patches every month. As a firm that does simulated hacking for our clients, we see how unpatched software leaves businesses vulnerable.
- Encrypt your data and back up your systems every night. Data encryption is one of the most efficient tools to combat data breaches. Sensitive information can include customer information, employee information and business data. Ransomware causes more issues for companies without backed up files in a separate location.
- Cultivate a security-focused culture. Employees are one of the most common causes of data breaches, as many don’t recognize cyber threats when they occur or have a comprehensive understanding of what actions can leave their organization vulnerable to a cyberattack. Discourage password sharing and encourage avoidance of unsecured websites and networks. Incentivize your employees to create strong passwords and encourage a password manager. During simulated hacking attempts for clients, we have encountered powerful security defenses but bypassed them with weak user passwords (e.g., Password1).
It’s more important than ever to ensure your organization has the appropriate security controls in place to help protect your data and mitigate the chance of becoming the next cyberattack headline. For more information on how to strengthen your cyber controls and establish a strong culture of cybersecurity awareness, contact Bill Gogel at 314.983.1363 firstname.lastname@example.org.
Don’t miss our Q2 Advisory Risk Briefing event series, which includes three options for attending: Thursday, June 13 in St. Charles; Friday, June 14 in Creve Coeur; and Wednesday, June 19 via live webinar. Bill Gogel, Advisory Services Manager at Brown Smith Wallace, will discuss more about 2019 cyber trends and additional cybersecurity strategies. You can register for our Q2 Advisory Risk Briefings at brownsmithwallace.com/events.