Many people believe cyber crime only happens to large corporations with massive customer databases and large, complex computer systems. The truth is rather different.
In reality, many smaller businesses are increasingly vulnerable to cyber crime, so all business owners need to overhaul or at least check their security. Remarkably, in the UK, over half of businesses suffered some type of cyber threat in 2017 and the financial impact of the biggest attacks regularly makes the latest headlines.
More and more tech is being used by business such as smartphones and tablets issued to staff, modern point of sale equipment to enable speedy and quick purchase transactions, and computer controlled machinery such as in logistics centers and manufacturing environments.
Lack of vigilance and ignoring precautions when using this modern tech can create vulnerabilities for cyber criminals to exploit.
What are cyber criminals after?
Sometimes it’s just to cause disruption, but usually there’s a distinct motive such as accessing a company’s customer database and ‘harvesting’ sensitive data such as email and home addresses, credit card data, bank details and more.
Preventing Cyber Crime: How to prevent cyber crime from happening?
Common causes of cyber crime:
Human error: much of the risk stems from staff not observing safe practices often through ignorance; for example, opening a phishing email because they’re unaware of what they are and how they’re presented or setting a too-easy-to-crack password.
Updating systems and software: another large element of the risk is through not maintaining and updating systems properly; something simple such as updating to the latest operating system might plug a security vulnerability that cyber criminals have been exploiting.
Update other software: many updates revolve around attending to a recently discovered security vulnerability, so outdated firewall, anti-phishing, anti-malware, anti-virus and DNS protection software can add to the vulnerabilities.
Therefore, updating all system software regularly is an important basic step to combat cyber crime.
Train staff in cyber security
As said above, often staff using tech aren’t fully aware of the threats they face. It’s worth having periodic training to appraise them of the risks and encourage them to adopt safe practices such as the following:
- Emails – the perils of phishing emails and how to spot them, and being on guard against emails from unknown sources, asking you to either visit a certain website or open an attachment
- Passwords – the need to adhere to the company’s password policy (for example setting strong passwords and changing them every week, month or whenever is prescribed)
- Social engineering – guarding against cyber criminals using platforms such as social media to ‘befriend’ staff, win their trust and gain access to sensitive information
- Safe sites – how to spot potentially dangerous websites that may download harmful malware or viruses to the system compared to perfectly safe ones
- Other tech – if staff are given other tech to use for their work such as a smartphone or tablet, then an awareness of risks to these devices from cyber criminals is important to know
Human error is always a vulnerability that even the strongest security procedures can’t always combat, so ensure staff are trained – and that it’s ongoing.
Ensuring staff only have access only to the parts of the network relevant to their work prevents too many people having higher level access.
A company wide policy regarding passwords is a basic cornerstone of good cyber security; they should be strong passwords and changed frequently with care taken as to who they are issued to.
Hire a security professional
An expert in systems security can assess and advise you as to how well or otherwise you’re protected and, if not, what to do about it.
They’ll also advise you of the latest threats and can ‘keep you in the loop’ on an ongoing basis – and may be able to provide security training for your staff or at least know of a good training provider.