Recent surveys of 3,958 IT Leaders globally confirmed that over 33% had been subjected to major cyber attacks in the last 2 years. This was an increase of 9% in 12 months globally.
Here are the top ways organisations are compromised:
- Poor password practices (bad password choice, password re-use).
- Weak access policies.
- Unsafe downloads.
- Phishing and social engineering (unwittingly communicating with an impersonator or entering your work credentials in places other than work systems).
- Unprotected data and email.
What simple things can you do to protect your organisation?
- Implement and set appropriate password policies – relax password change for staff or remove it completely. Make it a company policy not to use your work email and password for any other login outside your organisation.
- Implement Multi-Factor Authentication. Something you know and something you have – This makes it much more challenging for an attacker to use stolen credentials
- Block risky download types and use firewall sandboxing technology which tests the download first.
- Deploy an endpoint protection product that can protect your staff’s devices both inside the corporate network, and when they’re working elsewhere.
- Build up your defence by educating staff on the dangers and how to respond – test for effectiveness to determine where more targeted focus is required.
- Ensure the backups are sound, separated and tested.