The internet is critical to business, but with the larger use and reliance on the internet and digital devices comes the higher risk of cybercrime. While many businesses have invested in their cyber security it is key to ensure your staff also understand the importance of correct cyber security practices and your policies are implemented and managed on an ongoing basis.
Theft of digital information has become the most reported fraud, surpassing physical threat. Cyber security should take as much importance as physical on-premise security and while 100% prevention just isn’t possible, as with physical protection, 100% effort is recommended. The effect of cybercrime can have devastating consequences.
It has been reported that cybercrime costs hit $6 trillion globally in 2021, with it predicted to top $10.5 trillion by 2025.
Cybercrime covers a wide range of incidents. According to New Zealand Police Cybercrime refers to “criminal activity that involves the Internet, a computer, smartphone or other electronic device”. Cybercrime is usually profit-driven and can include ransomware attacks, email and internet fraud, and identity fraud, along with attempts to steal financial records and payment information.
This week is Cyber Security week, the perfect time to take stock of where you are at with your cyber security practices and train your team to take steps to prevent cybercrime.
There are a few simple steps you can take to protect your business, for example:
Educate Employees: Cyber security training is a strategy to provide employees with clarity regarding their roles and responsibilities when it comes to upholding information security. Key areas to focus on could include understanding proper cyber etiquette, the security risks associated with their actions and how to identify cyberattacks they may encounter during their day to day operations.
Access Management: By strategically assigning employees the right level of access depending on their role and responsibilities in your business, the overall risk of suffering extensive damage from a cyber-attack can be effectively mitigated.
Monitoring, Detection and Response: Businesses need to have 24/7 monitoring of their systems and networks to detect any potential attacks or breaches. Lack of, or delayed monitoring, could lead to delayed detection and businesses may not be able to respond in time or reduce the potential impact.
Manage Third-Party Risk: Third-party risk is potential threats to businesses and their data from third-party vendors, such as suppliers, that have access to your systems. It is important for your business to do due diligence when working with third-parties, and ensure that the policies they have in place are suitable. It is key to continue to monitor them once the relationships are established to ensure their standards are upheld.
Enable have partnered with CERTNZ to provide trusted and authoritative information and advice. CERT NZ is your first port of call when you need to report a cyber security problem.
Read their top 11 tips for Cyber Security for your business at their website.