By Alan Hawkins, General Manager: Cybersecurity and Software
Combatting cybercrime is a constant worry for South African companies. Businesses that are breached struggle with damage that includes downtime, loss of data, loss of revenue, reputational harm and regulatory fines. And the stakes are getting higher.
Despite global efforts, every year the number of cyberthreats targeting industries and governments is worse. It seems that we are far from being able to mitigate and contain these numerous attacks. What will it take for businesses to get a wake-up call on cybersecurity?
Alarming rise in ransomware
One study found that cybercriminals can penetrate 93% of local company networks, and trigger 71% of events deemed ‘unacceptable’ for their businesses. Ransomware attacks in particular are increasing at an alarming rate and are also extremely harmful. Breaches have increased by 13% in 2022 – more than the last five years combined – according to a Verizon report. The 2022 report reveals an unprecedented year in cyberattacks and issues affecting the international cybersecurity landscape. It is ransomware that continues to prove particularly successful in exploiting and monetising illegal access to private information.
Ransomware encrypts files and documents on anything from a single PC all the way up to an entire network, including servers. Victims can either regain access to their encrypted network by paying a ransom to the cybercriminals, restore data from their backups, or hope that there is a decryption key freely available. One of the biggest concerns for SMBs is that criminals are skilled at encrypting, but not so much at decrypting. There is no guarantee that you will be able to restore your data once your business has been held to ransom. To put it simply: ransomware could ruin your business.
Here are three basic ways to protect your business from cybercrime:
1. Defend your turf
"There is no single security product or solution that will defend your perimeter and all devices. To protect your network and devices and safeguard your sensitive data, requires a multi-layered approach."
Firewalls are the first line of defence against external threats. They monitor incoming and outgoing network traffic based on a set of rules, and they safeguard your secure internal network from the Internet, which is not considered secure. They can also restrict employees from risky websites and offer VPN protection.
Antivirus software can protect against a whole host of malicious attacks on the company network and individual devices. Patch management fixes vulnerabilities on software and applications that are susceptible to cyberattacks, helping your organisation reduce its security risk.
2. Educate workers
SMBs need to educate and train their employees to minimise human error and bad user practices as these are the two weakest points in any cyber defence strategy. The Verizon report found that 82% of cyber breaches involved the human element, including social attacks, errors and misuse.
Build your cybersecurity strategy around educating your end-users. Cybersecurity user education should teach employees how to spot common hacker tactics and what their role is in keeping systems safe, including phishing and social engineering, password standards and credential safeguarding, physical and device security, and user rights and responsibilities.
Implement a cybersecurity policy and procedure document that details action items in case your employees encounter perceived or real compromises.
3. Data backup and disaster recovery
Backing up your data and systems is an essential practice. If you experience a ransomware attack and the cybercriminal steals your data, having a recent backup of your data will help you recover quickly.
The best backup solutions are designed to make incremental copies of data throughout the day to minimise data loss. Solutions that back up regularly allow you to restore data to a point in time before the data breach or cybersecurity attack occurred.
If your business has been attacked, it’s critical to ensure that the most recent versions of your data and applications do not contain the ransomware you are infected with. Make sure you eliminate the ransomware before restoring your data.
Backing up important files and making sure those files can't be compromised during an attack makes it possible to recover the network without paying a ransom.