Cybercriminals look for the low hanging fruit. That is, weak passwords, email scams, malware vulnerabilities, etc.
Your business is more likely to be a victim of fraud or cyber crime than any other offence. Although statisitcs for individuals falling victim are finally beginning to fall, the number of attacks on businesses continue to rise. Sadly, some of these attacks succeed.
And cybercriminals are constantly coming up with new methods of breaching your defences. We won’t call them clever – they don’t deserve any praise. But they are conniving, devious and very persistent.
Look for the weak points in your defences:
- Incoming messages with malicious links
- Malicious or fraudulent attachments
- Homoglyph domains with 1 or 0 in the place of an l or o; or with vv in the place of a w
- Impersonation attacks that appear to be from a trusted or senior colleague
- Weak passwords
- Websites that include malicious content/adverts
Educate your computer users – and follow up with the three Rs
- Repeat – it is never enough to tell people something once
- Refresh – try new approaches to the same message (an email, a video, an interactive approach)
- Renew – in a constantly changing threat landscape, you need to stay on top of the latest advice
Prevent and protect
- Have strong policies that you enforce for acceptable use, passwords, device management, etc
- Have screening on all incoming emails and web access
- Enable safe cloud access to your office tools and data
Continuity
In the likely event that your business is attacked, have a plan in place to restrict access, control damage, and rapidly restore normal work for all your team members.