It’s no secret that, as we become more and more dependent on technology to run our businesses and become reliant on internet-connected devices, both for our personal and professional lives, we also become more vulnerable to cyber threats. US$2.9 billion is lost to cybercrime each minute and, as at 2020, the average cost of a data breach was a staggering US$3.86 million. However, there are some cybersecurity essentials that we can put in place, ranging from simple to more complex, in order to protect ourselves and our businesses from cyber attacks.
#1. Turn on MFA everywhere you can
This is one of the simplest, but most effective cybersecurity essential strategies. It’s usually free, if not very cheap and easy to activate. Most applications (including Microsoft 365 and social media apps like Instagram and Facebook) have now adopted Multi Factor Authentication (MFA or 2FA) methods that you can activate by doing a quick look at your account settings.
This adds another layer of security (besides your username and password) to your accounts, requiring a real-time password before allowing entry to your account, making it far more difficult to penetrate and access your data. There are different methods depending on which app you’re using but the most common ones would be via a unique One-Time-Code sent through text, email or a code generator app like Google Authenticator.
#2. Implement the right cybersecurity strategy for your business
These days, no business is “too small” to put adequate cybersecurity defenses in place. All businesses who access the internet need a cybersecurity strategy, including endpoint security protection and management, network firewall management and security monitoring and alerting. Cybersecurity is more than just anti-virus software. If you aren’t sure what your business requires when it comes to cybersecurity, consult an expert and ensure you have the best strategy in place for your business.
#3. Promote a Cyber-secure company culture
Unfortunately many cyber attacks occur because of human error – when someone clicks on a malicious link or opens a suspicious email. Make sure that cybersecurity is a regular topic of conversation between your staff. Promote the importance of a positive cybersecurity stance in your business and make sure that everyone is following the trend. Welcome ideas about how you can better improve your cybersecurity measures and keep an active discussion around it.
Empower your staff with better knowledge of cybersecurity, its risks and effect on the business by conducting cybersecurity training – either internally or by hiring a knowledgeable cybersecurity expert to conduct the training. Making sure that everyone in your organisation is equipped with proper knowledge of cybersecurity best practices could save you from the otherwise dreadful consequences.
#4. Protect your Business with Cyber-insurance
Although cybersecurity defences can physically protect your business from cybersecurity risks, having an incident response plan and insurance coverage could literally save your business from going under if the worst case scenario happens. It’s important to consult an insurance broker to source the best protection for your business, as coverage can change from policy to policy, but most cyber-insurance will cover your business in the event of:
- Business interruption loss due to a network security failure or cyberattack.
- Data loss and restoration
- Incident response and investigation costs
- Delay, disruption, and acceleration costs from event/s causing business interruption
- Crisis communications and reputational mitigation expenses
- Liability arising from failure to maintain confidentiality of data
- Liability arising from unauthorised use of your network
- Network or data extortion / blackmail (where insurable)
- Online media liability
- Expenses relating to regulatory investigations
Cybersecurity can often be put in the “too hard basket”, especially by smaller businesses who don’t perceive their risk to be very high. But when we are so connected to the internet through so many devices these days, we cannot afford to become complacent. Ensure you have all the cybersecurity fundamentals covered for your business in order to stay safe from cyberattacks.