Read the news lately and are concerned about cybersecurity. The question now is: Are you prepared?
Cyber Security has recently been a hot topic, especially in the last 2 years - threats are becoming more common and dynamic.
Security trends show that small-medium businesses should watch out for threats because their security posture makes them an easier target.
- Are you confident that all data you store regarding your employees, customers and sensitive data for your business is protected? If not, speak to your IT team or provider about information protection/security and cloud backups
- Are you confident that your backups have data integrity? Someone from within the business or your IT provider should perform a test every quarter where a file or folder is deleted and a restore is performed.
- Are all your apps protected by single sign-on(SSO)? SSO allows you to control access to all your company/employee/customer data using one single login and it can be any system whether it's Facebook, Twitter, Slack, Xero, MYOB, CRM system, IT System, quoting system, LinkedIn, telephony system etc
- Got SSO in place - Fabulous. Does 2FA protect it?
- Got SSO and 2FA in place - Neat. Does geo-fencing protect it so logins are only allowed from work devices and within countries where your business operates in?
- How do you identify risk users in the business? The ones who don't have a strong password, aren't technology savvy and what is your action plan to train them?
- How do you mitigate attacks whether it's through email, website, USB, network, a known vulnerability, or password leak?
- Do you have cybersecurity insurance and a functional disaster recovery plan(That has been tested and not something that sits in a folder or cabinet)?
- Are you confident that all user accounts that can access your system are valid and current? If not, review this list and tighten your HR process. Please ensure your IT department is aware of any new employee starting, employees going on long leave, employees going overseas for work, employees going on parental or long service leave, employees resigning
- Do you have strong network controls where only a company-owned device, logged with active employee credentials can connect to your network?
- Are you still using VPN to access your work applications? If yes, then it's time to speak to your provider regarding remote access gateway or remote apps
The recent Optus data breach has attracted the attention of many medium-sized to larger private and public sector organisations regarding this serious issue.
It's time to take action and be safe than sorry. IT professionals do not want to see another business become part of statistics.
Talking about statistics:
- The global cybersecurity market size is forecast to grow to $345.4bn by 2026 according to Statista
- It is estimated that cybercrimes will cost $10.5 trillion annually worldwide by 2025.
- Australians lost 33 billion due to Cyber crimes in 2020-2021
- 59806 in 2020 and 67,500 in 2021 (13% increase), Cybercrime reported
- More than 75 per cent of pandemic-related cybercrime reports involved Australians losing money or personal information
- 23% fraud-related, 17% online shopping scams, 12% online banking scams, and 48% others
If you aren't confident about your cybersecurity posture and willing to speak to a consultant, please reach out and I will be happy to assist and provide independent advice
