How-Employers-Can-Guard-Against-CyberAttacks
News: Press releases & Industry News
03
DEC
2018
Industry News

How Can Employers Guard Against Cyberattacks

AI, Cybersecurity, Enterprise Software, Industry 4.0 in the DACH Region, Internet of Things, SaaS & Cloud

How Can Employers Guard Against Cyberattacks

Cybercrime is one of the biggest challenges facing businesses today. In 2017 there were 159,700 cyberattacks reported worldwide, exposing more than seven billion data records. These included the headline-grabbing attack on the credit evaluation agency Equifax, where hackers exploited a vulnerability in their application framework, gaining access to personal data belonging to 146 million people around the world.

Whether your organisation is large or small, cybercriminals do not discriminate. For example, research from the Ponemon Institute shows that  61% of SMEs experienced a cyberattack in 2017. As the head of an organisation, you have a responsibility to your customers and your staff to make sure you are as insulated as possible against cyberattacks. So what are the steps you can take to prepare your business and ensure that your employees play their part?

 

1 – Be Mindful of the Threats

Before you can start to safeguard against cyberattacks, it’s essential to know the many ways in which cybercriminals can target your organisation.  Some of the most popular include:

  • Remote attacks designed to bring down your business’ website or IT system
  • Attempts to steal customer or employee data
  • Ransomware – a remote attack that freezes your IT system until you pay the ‘ransom’
  • Theft of IT equipment
  • Using your staff to get into your system, unwittingly via phishing or wittingly by co-opting them

Cybercriminals are developing new ways to target businesses all the time. It’s important to stay up-to-date with their methods. Once you’ve done that, only then can you begin to manage the risks.

 

2 – Preparation is Key

Planning is essential in the battle against cyberattacks. Start with an assessment of how you are you currently dealing with cybersecurity. Firstly, I=is it fit for purpose?

Every company will deal with the risk of cyberattacks differently, but a good place to start is an audit of your current IT equipment, systems and software:

  • Ensure all the operating systems and software are up-to-date
  • Apply two-factor authentication to all your computers and software, where employees receive a one-time code sent to their phone when they log in
  • Make sure all your WiFi systems are secure

Other safeguards include checking your company policy regarding taking IT equipment off company premises. How much valuable data is being let out into the world? You should also consider taking out insurance against cybercrime.

 

3 – Educate Your Employees

Unfortunately, a company’s weak link is its people.

A study by IBM found that 95% of cyberattacks preyed on human error in some way. Most of these were honest mistakes, but they were still disastrous for the company involved. As an employer, you must create a culture where everyone is always vigilant against cyberattacks.

Make sure your staff are educated on the risks involved with cybercrime. Train them to be better at spotting phishing emails, to not click on emails or attachments that appear suspicious. Ensure they use passwords that are not easy to guess. Make sure they do not use their own external devices such as USB sticks on company computers.

As a company leader, all the precautions you take involving cybersecurity are worthless if one employee makes a mistake. Don’t let it happen to you.

 

4 – If the Worst Happens, Respond Quickly

If your company is victim to a cyberattack, you need to deal with it in the right way. Firstly, for data breaches, the new GDPR law requires you to report it to the Information Commissioner’s Office (ICO)Do not think you can sweep a cyberattack under the virtual carpet.

Next, do whatever needs to be done to preserve the integrity of your system which includes:

  • Finding the intruder
  • Investigating their activities
  • Containing the security breach

If your existing IT team cannot do it, bring in a specialist cybercrime incident response team. If you are insured against cybercrime, your insurance company can assist you with this.

Once the crisis has been averted, assess what went wrong and how your company policies can be tightened up to stop it happening again.

 

Future Challenges

Cybercrime never sleeps. It is always developing. As a result, safeguarding against cyberattacks is an ongoing process. When you are budgeting for the future, make sure to take your cybercrime policies into account. In 2018, companies worldwide will spend an estimated $96.3 billion on security products and services.

As technology progresses, with mobile devices, Internet of Things (IoT), Artificial Intelligence (AI) and more becoming commonplace, the risks from cyberattacks will only grow. Protecting your company starts at the top. Don’t be caught out.

This article was published by:

Henrik-Jeberg

Director

Henrik Jeberg

Henrik, based in Silicon Valley, is a veteran of the IT industry for over 20 years. He began his career as a CIO and project manager for massive ERP implementations. In 1995, Henrik moved to the vendor side when he joined Navision (now Microsoft Business Solutions), where he helped develop Navision's international business as Channel Manager in Denmark, Business Development Director in France, Managing Director in Australia and finally Regional Managing Director responsible for the entire Asian region, based out of Singapore.


After seven years of operational experience on the vendor side, Henrik had a stint at Gartner in Paris as their director of market and business strategy, before returning to Copenhagen to become the CIO at the Danish Ministry of Finance, leading the entire horizontal government IT complex. In 2007, he became a non-executive director at Omada. Finally, as Divisional Director he headed up SAS Institute's Information Management Division out of Copenhagen, working with early Big Data and Advanced Analytics Technologies.

Since moving to California in 2012, Henrik has co-founded a mobile e-shopping platform and a company focusing on strategy and international business development.