You have the power to protect your business!
We work with a lot of different businesses, right across the sectors, from accountancy to construction, manufacturing to education, to charity and law. But, no matter which sector they're in, many of these organisations don't understand the power they have to protect themselves against cyberthreats.
Let me explain...
Cybersecurity, whether business or home cybersecurity, isn't just about having great cybersecurity software. Your cybersecurity strategy is also about how the user interacts with the technology. And by user, I mean you, your team, or in the case of home cybersecurity, other household members.
But, staying with business cybersecurity, it's absolutely essential that each member of any organisation understands basic cybersecurity principles, and the power they have to protect the business, whenever they're working with the company's technology, or handling data and files on their own devices.
And, I really am talking basic cybersecurity principles, including -
✔ Not opening suspicious email attachments - Even if they look genuine, if you're in any doubt, don't open them. Contact the sender in a separate email if you have to, and ask if they sent it. The main reason for doing this is that cybercriminals hide malware and ransomware in malicious email attachments.
✔ Recognising fake websites - I can't deny it, cybercriminals are getting good at creating websites that are hard to tell from genuine websites, but the basic checks still hold true - check for the padlock (HTTPS) symbol in the address bar, double check the URL, and look out for spelling and grammar errors.
✔ Creating strong passwords - Not creating strong passwords is amongst the top reasons that businesses suffer cyberattacks. So, make sure to ALWAYS create hard-to-crack passwords, either on your own, or with a password manager, and DON'T share those passwords or write them down.
✔ Keeping personal device security updated - With BYOD culture in full swing, more workers are keeping company data on personal devices. If this is something you do, make sure your device cybersecurity is updated, and meets the company's compliance obligations.
Where does this lack of understanding come from?
There are various reasons why many businesses and their employees aren't taking these cybersecurity responsibilities seriously enough (until something happens), and seem to have a total lack of understanding as to why it's so important.
Reasons tend to be -
❌ A lack of awareness - If it hasn't happened to me, why should I learn about cybercrime or cyberthreats? In answer to this question - there are lots of powerful reasons, but human nature being what it is, means most of us only develop true awareness of an issue, once we've been affected.
❌ A lack of training - Many businesses say they don't have the time or resources to train staff in basic cybersecurity practices, so inevitably, employees continue to make the same mistakes, which can (and often do) lead to cyberattacks, which can lead to downtime, lost business, etc.
❌ 'It won't happen to me' - This could come under the 'lack of awareness' heading, but it's also about people fooling themselves that cyberattacks can't happen to them, or they only happen to massive businesses that can afford it, but I'm sorry to report, all those justifications are wrong, and dangerous.
❌ Laziness - We can all be guilty of being lazy at times, but when it comes to cybercrime, just one wrong click in a moment of laziness could potentially be very expensive for the business, lead to a lawsuit, or in extreme cases, lead to the business being unable to survive the fallout.
But, it's not all about the users...
I have to be careful here not to lay blame solely on the businesses and their employees. The cybersecurity industry and the IT industry as a whole can also play their part in making people and businesses more aware of their personal responsibilities, at the time of purchase, or signing a contract.
For example...
Visit any cybersecurity provider's website, and you'll see headlines such as 'Complete Malware Protection', 'Powerful Threat Detection', or 'Block Threats Before They Infect'. These are all fine and true - and these companies are selling a product like any other business would.
But... (and this might be controversial)
These sorts of headlines give business owners and managers a false sense of security, giving them the idea that once the cybersecurity is installed the threat of cyberattack is removed. Problem is, cybercriminals' techniques evolve as cybersecurity evolves, therefore, the user still has a significant part to play.
In conclusion
You really do have the power to protect your business from some of the world's worst cyberthreats. It might take time, initially, but once the business has a culture of protecting itself, and keeps the importance at the forefront, basic cybersecurity practices will become second nature, and common practice.
How to get started...
If you haven't already, get training for you and your employees, learn about cybercrime and cyberthreats and how to protect against them, and partner up with a decent cybersecurity specialist, who will audit your network, find the most effective and cost-effective solution, and be there when you need them.
What do you think?
Let me know in the comments whether you think I'm right on this subject, as well as any bad experiences you or your business might have had with cybercrime, to help other businesses avoid the same outcome.