some alt text

Cyber security - something you can't afford ignoring

Cyber security - something you can't afford ignoring

The pandemic has sadly created the perfect climate for cyber criminals to prey on people and businesses who are already dealing with unsettling changes in their lives. The criminals have used this time to their advantage, to seek to exploit fears and uncertainty for financial gain. Unfortunately, Cyber Security is a 24/7, 365 days a year task and these scams are only going to increase.

Does your business have a disaster recovery plan around this? How would your business be affected if you were a victim of hacking, data theft or a virus that infects your IT and that of your clients’?

 

Statistics re: cyber-attacks 2020

 

  • According to IT Governance, there were 99 data breaches and cyber-attacks in August 2020, making it the third biggest monthly total of the year by number of security incidents.
  • Since the beginning of 2020, there have been more than 445 million cyberattacks reported, which is double the number in 2019.
  • 80% of firms have seen an increase in cyber-attacks.
  • Phishing attempts rose 600% since end of February.
  • Attacks targeting home workers rose five-fold in six weeks since lockdown
  • 5% of coronavirus-related domains deemed suspicious
  • Incidents have increased hugely during the pandemic, as more people are using the internet.
  • It was reported in August, that 20% of organisations have experienced a breach in cybersecurity as a result of remote working of employees.
  • 41% of customers would stop buying from a business victim of a ransomware attack. (fintechnews.org)

 

Remain vigilant:

 

Here at soVision IT we know to be forewarned is to be forearmed! Working with us means that you will be protected too.

We ourselves have just had a very smart scam spotted by our brilliant cyber security expert, Alex.

We had an enquiry from the 'University of Nottingham' initially requesting quotes with 30 day terms on low value items. This is then followed by a request for, and subsequent acceptance of, a quotation for a large number of easily disposable items (in our case 250 x WD passport 2 TB).

Through our security checks we established this was a Fraud. Had we fallen for the scam, 250 WD Passports would have been winging their way to Nigeria, and we would have been left with losses amounting to many thousands of pounds.

The fraud is actually very sophisticated and someone really has done their homework - a genuine PO has been copied and  legitimate members of staff imitated.

We won't be the first company they try this on, and almost certainly not the last. Readers beware!!

 

Here are some Security issues to beware of:

 

Phishing emails:

Don’t open emails from people you don’t know, and never open unknown attachments or links. Check that the email address in the browser matches the company it comes from.

Weak login passwords:

81% of adults use the same password for everything. Cyber criminals have programs that search public profiles, looking for these password combinations. Use unique passwords.

Password security:       

Often you can notice passwords on sticky notes on a screen with a password written on it.  If you do have to write them down make sure they are protected and kept in locked and safe environment. Unprotected passwords can be inadvertently seen, particularly when staff are working from home.

Multi-factor authentication:

Passwords are a necessity but aren’t always enough to guarantee security. Multi-Factor Authentication or Two-Factor Authentication is best.

Access to everything:

Compartmentalise data, and ensure it isn’t accessible by everyone. The number of people who have access, increases the number of people who can mishandle information.

Lack of training:

Only 29% of staff received cyber security training in 2019, compared to 81% of directors or senior management. All of your staff need to be trained.

Not updating antivirus software:  

Everyone in the company should be expected to update the latest antivirus software, whether they are working in the office or remotely. Remember though, that Anti-Virus software only protects you from already known threats and not the new ones that have yet to be identified and solutions found.

Unsecured mobile devices:                

If your company use mobiles, tablets or laptops, ensure that these are also secure.

Data security policies:

Policies are not just tick boxes. Hopefully, your team will remember the data security training they have had, which means they will remember what to do when an incident arises. The question is are these policies really in place and understood with clearly defined actions should an issue arise?

 

Contact us on 0117 986 4026 or email at info@sovisionit.com for more information.