Cybercriminals have become smarter, something that catches companies off guard. Cyber attacks have become so sophisticated that individuals fail to distinguish whether they are being scammed or they are receiving a genuine email. In 2021, a Cisco report revealed that 86% of companies had a user who tried to access a phishing website. The positive news is that companies are starting to realise how important it is to protect an organisation against cybercriminals and they are taking steps to be proactive. 

What do cybercriminals want?

The first step before strategies are created or implemented is to conduct a thorough risk assessment that can identify areas of weakness, vulnerabilities or sensitivity. For example, the Human Resources team may store sensitive information such as employee addresses and phone numbers while the Finance team may handle data such as payment accounts for both employees and clients. 

The organisation needs to then determine which area is more open to cybercriminals. Cybercriminals are more likely to go after financial information but if the HR team is not storing employee details safely then they could be easier to access. Those types of areas are the ones that the business will need to address first. 

Likelihood and severity

Likelihood and severity do not only depend on what the cybercriminals want. As per the example above, cybercriminals may want to access financial information which could make the situation severe. However, if the financial team is following a strong prevention strategy, then it is unlikely that cybercriminals will be able to access the information without the employees making a mistake. As a matter of fact, the majority of data breaches occur because of human error. This means that there are many factors that could affect likelihood and severity, even though they may not be as obvious initially. 

cybercriminals

Strategies for protection against cybercriminals

Is it possible to completely eliminate the risk of cyber-attacks? No. But it is possible to take preventative measures that can contribute to a safer workplace. Those measures include:

  • Data backup
  • Training and re-training
  • Constant reminders
  • Download the right software 
  • Limit access
  • Implement a strong passwords rule
  • Have a plan

Data backup

Data backup is one of the most popular strategies that can help prevent data breaches. By backing up company data in a cloud storage or ensuring there is another copy, the organisation is not only protected against data breaches, but ransom attacks as well. This is because when there is only one copy of the file, is it easier for cybercriminals to access it and ask for a ransom to release it.

However, if there is a copy safely stored in cloud storage, their threats do not mean anything. If you have an automated backup process, make sure you have safeguards against backing up already encrypted data in the case of a ransom attack – e.g. make sure you are retaining multiple backups at different points in time.

If your employees choose to save information on a portable disk, then they should not leave the device connected to their computer for long. Once their file is saved, the device should be removed to lessen the chances of an infection. 

Training and re-training

When inducting new employees, it should be mandatory that they go through some type or cybersecurity training. This will inform them of what potential cyberattacks could look like and let them know how to respond to them appropriately. This could include reporting the attempt to IT or informing their manager if they clicked on a suspicious link. More training sessions should then be provided to employees as a form of raising awareness and informing employees of how cybercriminals’ tactics are changing.

This will allow the organisation to create a risk-aware workplace, which is the best way to prevent human error and protect the business from cybercriminals. Employees will be able to warn one another, recognise potential phishing attempts and become familiar with cybersecurity measures. One-off training sessions are not effective in preventing cyberattacks. Employees can forget what they learnt, and if those resources are not accessible, it is likely that they will not know how to respond quickly. The company should schedule regular cybersecurity training to achieve the best results. 

Constant reminders

Does awareness stop after training? It shouldn’t. Depending on how high the risk is, the company should take every opportunity to remind employees of the threats they are facing. 

Some ways the management could approach this include:

  • Bringing up articles about new types of cyber attacks in team meetings
  • Presenting the team with examples that ended up in the email filter
  • Sharing a personal experience (e.g. something that happened to a loved one if they feel comfortable)

Some companies choose to send fake scam emails to employees to test whether their prevention strategies are working. This idea is great as long as employees are not negatively targeted. For example, doing this to fire or reprimand an employee may not be the best way to approach the issue. 

Download the right software

One of the best things you can do for your business is buy licenses for the right software. This includes anti-virus, VPNs and file encryption.

Ensure that every employee and work device has an anti-virus installed. The anti-virus should be used at all times, especially when employees browse online or open emails. Reliable software can stop suspicious connections and block website cookies and ad tracking. It is extremely important that employees leave as little information as possible online. That way cybercriminals will not be able to track them as an employee of the company and have them as a target.

VPNs can step in here. People underestimate how necessary VPNs are, especially if employees are constantly travelling. People tend to leave their Wi-Fi on even when they are not using it. This leaves them vulnerable to cybercriminals who create free public Wi-Fi connections to steal information. VPNs can encrypt a device’s connection to the internet and make it harder or even impossible for the device to be tracked or accessed.

Employers should stress and stress again how crucial it is to not connect to public Wi-Fi and turn off the setting when staff do not need it. This will minimise exposure to threats and lessen the likelihood for a data breach or cyber attack. 

Today they are many types of software and apps, including services such as Gmail, that can assist in encrypting important information. If other options seem expensive, Gmail offers a confidential mode where businesses can set passwords to documents they send to their colleagues. This can be extremely helpful with sensitive data as it can lock cybercriminals out or make it harder for them to access the file. 

Limit access

If an employee is not part of a department, lock them out of folders concerning that department. Employees should only have access to folders or systems relevant to them. The more access an employee has to a system, the riskier they are. If they make a mistake, or fall victim to a scam, all files could be compromised. Talk to employees and communicate that it is not a trust issue. Limiting access to information and systems is essential for the safety and future of the company. When giving access to sensitive information to new employees, ensure that they pass a screening test and they do not have any conflicts of interest. 

Implement a strong password rule

Another preventative measure the business can take is making it mandatory for employees to have strong passwords. Implement 2FA across all systems used by the company and provide requirements for passwords to staff. This could include more characters, no birthdays or names used, different passwords for each software or a confidential and reliable password manager. Some anti-virus software gives customers a safe password manager they can use by inserting the master password. A password manager should only be used if employees are unable to remember their details without writing them down. Passwords are safer when they are not stored anywhere. 

Have a plan

Are you prepared for the worst-case scenario? Companies may focus too much on preventing cybercriminals from accessing their systems without having a solid plan for what happens if they do. Once they access information, the problem does not end there. An Incident Response Plan is as necessary as control measures. 

The steps that are usually involved in the response plan include:

Detection 

Detecting the leak or attack is crucial for understanding its current and future impact. The business needs to quickly identify which areas were affected and move on to the second step.

Containment

Are there employees available who can quickly contain the damage before letting it affect other departments? This is very important if the business is dealing with sensitive information. 

Recovery

Is there any information that can be recovered? Or is everything lost? After a cyberattack businesses should not accept the situation and give up. They need to act quickly and determine whether all information or funds have been stolen. It may be easier to recover funds than information, but regardless, businesses have to look for ways to recover any stolen data.  

Investigation in a cyber incident

Are you looking to make your company safer? At Polonious, we help companies investigate cyber incidents so they can strengthen their measures and prevent future cyber attacks. We understand how cybercrminals can attack anyone anytime and provide our customers with efficient workflows that will help them finalise cases quickly and effectively. Do you want to see how we can help you? Reach out and book a demo!