Security and convenience tend to be opposites. The more security you add, the less convenient life becomes. For example, the front door to your home keeps your property safe and secure, but attempting to unlock this door is not always convenient. The more security layers you add, the less convenient access tends to become. But this also hinders your attackers too.
Businesses are under attack from a range of sources online and digitally. But with more security, and more security conscious staff, it can become very difficult to infiltrate a business. Unless someone on the inside can do it for them.
What does that mean exactly?
Well, consider how difficult it would be for someone to walk into your office, log in to your computer, and carry out nefarious deeds, like bank transfers or stealing data. They would most likely be stopped at the entrance, and failing that, everyone else in the office would easily see what they were doing, and stop them. That’s why cyber criminals need to authorise staff members to do these things for them, usually without the victim even knowing about it. They can do this through a variety of methods, including:
- Phishing –This is typically a “bait & catch” scam, so an email from what looks like a trusted source asking for payment or login is used as “bait”, and when details are entered, the criminals know they have a “catch”.
- Spearphising – This is the same ideas as Phishing, but instead of appearing to be from a company, these emails will look like they have been sent by a friend or family member, asking for personal information.
- 419 scam – This is a digital scam that asks the victim to send an advance fee to the criminals, in order to receive a large sum of money e.g. Lottery emails & deceased estates
- Malware – This is software that is introduced to your company network through an email, software that has been downloaded, or vulnerabilities in the operating system itself. This software can be used to infect, destroy or hijack computers and data.
- Ransomware – This is a specific type of malware that works by locking computer files until the victim pays a ransom to unlock the files
Unfortunately, the list goes on…
All of these are scams and infections that are initiated by end users who have been tricked. And that’s why its so important to both block attacks, and train your staff.
Technology and User awareness
The only way to keep your business 100% safe from cyber attacks and criminal activity, without professional support, is to remove all external access to your network. This includes all internet access, and also preventing your staff from bringing in external USB devices.
Alternatively, you could work with a professional team to make sure that all the core bases are covered, as well as some additional extras if your budget will allow it.
The size of your cybersecurity budget will depend on a range of factors, including how much your company depends on the IT systems, and the Internet. If you couldn’t operate without it, you need to protect it, just as you would protect your own home.
Here at CNS, we have a dedicated Cybersecurity Team who are specialised in both the technologies AND the education of staff.
We can provide Cyber Security Awareness Sessions for current and prospective customers. Why not contact us to have a chat with one of our Cybersecurity Team and schedule a session today?