Top Tips: Protecting your business against cyber-attacks

protecting-your-business-against-cyber-attacksDavid Emm is Senior Technology Consultant at Kaspersky Lab. David has worked in the anti-virus industry since 1990 in a variety of roles. Prior to joining Kaspersky Lab David worked as Systems Engineer, Product Manager and Product Marketing Manager at McAfee; and before that as Technical Support Manager and Senior Technology Consultant at Dr Solomon’s Software.

In his current role David has presented information on malware and other IT threats at exhibitions and events, and provided comment to both broadcast and print media.

David shares his top tips on protecting your business against cyber-attacks.

Cyber-attacks against companies are prevalent and varied.  Some are designed to steal confidential data, some to extort money, some to make a political or social point and other to damage the reputation of the company.  If companies fail to understand the threat, and protect themselves effectively, they could lose more than just money; firms also stand to lose their competitive edge, see their brand damaged or even go out of business altogether.  The number of targeted attacks is increasing. The aim is get a foothold in a target company, steal corporate data or damage a company’s reputation. Companies can also find themselves in the firing line of an attack not aimed at them.

Any organisation can therefore become a victim, as all hold data that could be of value to cybercriminals, whether for a direct attack or as ‘stepping-stones’ to reach other companies. There could be collateral damage if a business is not adequately protected and so developing a security strategy tailored to your business is paramount. Below are my five top tips on how to protect against these cyber-threats:

1.     Ensure business continuity - It’s important to deploy an anti-malware solution which can block new and unknown threats. A response plan to any outbreak of malware within the business should also ensure that continuity if the worst was to happen. Making sure that necessary measures are taken, such as handling public relations to minimise the impact on the company’s reputation is one way to do this.

2.     Create staff security awareness - Unfortunately, businesses can often ignore the human dimension of security. But often the starting-point for a targeted attack is to trick individuals in the company into doing something that puts the company’s security at risk. It’s vital that all employees are aware of the risks and that management doesn’t solely rely on technology to protect the company. So, organisations need to ensure they make security awareness part of their security strategy.

3.     Working in the cloud - As the use of cloud grows, so too will the number of security threats that target it. As a result, businesses need to understand that, while they may outsource the handling and storage of their data, they can’t outsource responsibility for the data itself. So businesses need to assess the potential risks in just the same way that they would if they were storing data internally.

4.     Don’t forget mobile devices - The task of securing data has become harder for businesses as staff increasingly bring their own devices in the workplace and conduct business ‘on the go’ and via multiple devices. In order to reduce the risk of attack, security policies must be revised to reflect the changes in working practices. It’s no longer possible for IT departments to defend the traditional network perimeter. Instead, they must apply a security ‘wrapper’ around every employee – so that they are protected wherever they work and whatever device they use. Second, the tools deployed across the business must be flexible enough to implement this ‘follow-me security’ policy.

5.     Patch up your systems against vulnerabilities - To reduce the opportunity for attack on un-patched vulnerabilities on computers, businesses need to ensure that they are running the latest versions of software, apply security updates as they become available, and remove software they no longer need in the organisation. The use of a vulnerability scanner, to identify un-patched applications, will also help to minimise the risk of such applications being exploited by cybercriminals.

By considering these five points and developing a cyber-security strategy in line with the above, businesses can reduce their exposure to attack. Cyber-attacks can impact on the revenue, reputation and long-term health of the business. No business is too big or small to be targeted, so all should take precautions in this digital age.


« How to set up a business for nothing


Healthcare in India: How tech startups can help »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?