Businesses are ever more reliant on the Internet and computer networks. Business networks are under constant and relentless attack from viruses, malware, hackers and phishing scammers, which is why it is so important to protect your network and always be cybersecurity aware. Robust cybersecurity systems can massively reduce this risk.
Hackers are continuously looking for new vulnerabilities to exploit. You might have heard about the 2014 hacking of Sony Pictures’ network, which the FBI attributed to the North Korean government, or the TalkTalk network attack in 2015, where nearly 157,000 of its customers’ personal details were accessed. Or more recently the NHS Cryptolocker virus infection and British Airways hack being the biggest data breach of 2018.
This is just the tip of the iceberg and as you can see this is a trend that shows no signs of slowing down. Cybersecurity must be taken seriously and adopted at all levels of your organisation.
When networks are not secured, information about organisations and individuals are at risk of being exposed and compromised.
According to the SANS Institute,” cybersecurity is the process of taking preventative measures to protect the underlying networking infrastructure from unauthorised access, misuse, destruction or improper disclosure. Implementing these measures allows computers, users and programs to perform their permitted critical functions within a secure environment.”
Truly securing a network requires a multi-layered approach that could include:
- Gateway protection, such as firewalls or Unified Threat Management Devices
- Software, such as Anti-Virus and Anti-Malware applications
- Email scanning, including virus and phishing scam protection
- Intrusion Detection platforms, advanced platforms using machine learning to identify suspicious behaviour
- Multi-Factor authentication, available with most productivity suits such as Office 365 or Google’s G-Suite
- Stolen credential scanning, searching the dark-web for your user details
- Data Loss Prevention systems to track your data and prevent unauthorised export from your network
But by far and away the most important factor is user education and awareness.
Being cyber-secure often requires a step change is user behaviour and awareness in the security implications of actions carried out on the network. One simple and innocent action could jeopardise your entire organisation – training is KEY!
Another little-discussed area of network security is the impact of employees on your business’s vulnerability. A recent breach from the Federal Deposit Insurance Corporation which insures bank deposits in the USA highlights this point.
The FDIC recently reported five “major incidents” of data breaches in which employees were to blame. In each instance, an employee inadvertently downloaded system data, including taxpayers’ personally identifiable information, before leaving the agency. The breaches were large enough to generate national headlines, not to mention considerable bad publicity.
Attacks can be grouped into structured and unstructured. A structured attack is an attack by an individual or organisation with the skills to intentionally target a specific group or company. An unstructured attack is an attack often by an individual who does not understand, or care, who they are targeting and use tools that can be found easily.
Both types of attacks need to be taken seriously because they have the same potential to expose confidential information and create distrust between a company and their clients.
An article on the MOD contracts website tells us that the latest 2018 Thales Data Threat Report has revealed that the UK is the most breached country in Europe, with 37% of businesses across the UK being breached last year.
UK businesses face a growing threat from cyber-attacks, now is the time to invest in your business’s network security strategy. If you would like to learn more about how Netitude can help with implementing better cyber security for your business, please get in touch.