Could you and your business be target for cyberattacks?

Next story

Despite the number of high profile, large scale breaches of well-known companies there are still a glaring number of businesses that consider themselves immune to cyberattacks. Mark James, ESET IT Security Specialist, explains why some businesses are unprepared and unprotected, leaving themselves wide open to risks and attacks.

Image

“There are a few reasons that suggest why some businesses remain wholly unprepared for cyberattacks, but based around risk assessment, I think the main problem is the idea of protecting against something that may or may not affect you.

“It is difficult for some companies to comprehend an attack, and some businesses still fail to see themselves as viable targets.

“Insurance type measures are always hard to justify on paper, as it’s no different than backup and disaster recovery. To spend thousands protecting against something that may never happen only gets harder as time goes on and nothing happens.

“We also need to consider that these days so much of our data is ending up for sale or floating around the internet. The approach of “does it really matter if any more ends up there” could now be considered as an argument against spending money on preventative measures.

Cyberattacks can be incredibly complex, and the hardest part of protecting against these cyber threats is trying to keep up with the sheer number of attack vectors that are out there.

“Exploits and vulnerabilities makeup such a large amount of cyber warfare and trying to defend against something you may not even know exists is for some virtually impossible.

“Anticipating what others may do to gain access to your company or data is also particularly difficult, especially to know the tools they could use to be successful.

“Those tools could in fact be the very software you use day in day out, the type of programs that make your company money, that you simply could not operate without using.

“It’s advised for companies to plan a comprehensive crisis management strategy for when the unexpected eventually happens, and it’s all about the “what if’s”.

“Working out every point of failure, and trying to establish a good rule set for who should, and should not, have access to data or networks; if you minimise the exposure then you minimise the risk.

“If you limit access to only those that need it, combined with good, solid password management, this will help to minimise risk.

“Where possible try to employ Two Factor Authentication to protect those areas that could expose your company to the most risk, and let’s not forget the basics like good regular updating internet security products on ALL devices.

“Most importantly, don’t fool yourself into thinking you don’t need help. In this day of modern cyber warfare, you need all the help you can get, and there is plenty of expertise and resources available once you understand you may need help in the first place.”


Were you aware of the complexity of warfare? Do you have sufficient security protecting your company’s data? Let us know on Twitter @ESETUK


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.