Stockport IT support business Amshire IT explains how cybersecurity impacts a business and the steps you can take to keep your business secure.
What is cybersecurity?
The core function of cybersecurity is to protect networks, devices and data from unauthorised access. This is achieved through securing sensitive information and systems from prohibited use whilst simultaneously ensuring the confidentiality, integrity and availability of all related data.
Every organisation faces the potential threat of cybercrime
Whilst the value of bank account details and invoices might be more apparent, cybercriminals no longer solely focus on organisations that handle this type of information.
There is inherent value in a much wider range of data, including contact lists, official emails and internal communications. These might not seem valuable, but they can be manipulated by cybercriminals. For example, with access to this information, cybercriminals might transfer funds or create fraudulent invoices.
Types of cyberthreats
- Malware – malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software.
- SQL Injection – Structured Query Language (SQL) is a domain-specific programming language used to communicate with databases. A SQL injection inserts malicious code into a query so that it forces the server to reveal information it normally would not. An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box.
- Phishing – Phishing is the practice of a scammer disguising themselves as a reputable source or authority figure, usually through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyberthreat.
- Denial-of-service attack – A denial-of-service attack involves blocking legitimate users from accessing information and devices, or other network resources. The attack overwhelms the system with fake traffic and as a result, the system is unable to fulfil legitimate requests. DoS attacks can cost an organisation both time and money.
- Man-in-the-middle attacks – Man-in-the-middle (MitM) attacks involve intercepting traffic between two or more points in a network, either using malware or via an unsecured internet connection. Once the attackers interrupt the traffic, they can filter and steal data.
Cybersecurity Best Practices
Cyber-criminality is not limited to one industry, as confidential information across any sector is of value, but the methods of reducing your business’ risk of a successful attack are the same:
- Application control – Limit the usage of applications to a refined list on all workstations and servers.
- Configure Microsoft Office macro settings – block all Microsoft Office macros in documents originating from the internet. Restrict privileges that let Microsoft Office users change these macro settings.
- Restrict administrative privileges – limit the number of users who have administrative access. Additionally, require validation for particular access, including regular re-validation, to add another level of security.
- Patch operating systems – patch all operating systems within 48 hours of a vulnerability's discovery, automate OS updates and update or replace operating systems that are no longer supported.
- Patch applications – install all security patches and updates within 48 hours of publication by the application vendor. Automate updates on all third-party software.
- Deploy Multi-Factor Authentication – ensure that the use of multi-factor authentication (MFA) is mandatory for all of the workforce.
- Perform daily backups – certify that essential data and systems are backed up every day. Additionally, validate and test backup solutions regularly.