As the CEO of your business, would you be prepared to take responsibility for any failure of IT security within the company? If the answer is no, you need to be completely sure that every measure that could be put in place has been.
According to research carried out by IBM, data breaches are one of the main reasons that companies are attacked nearly 17,000 times each year. This fault doesn’t necessarily lie in the hands of the user, misconfigured systems and applications are the reason for 42% percent of attacks.
Nevertheless, whatever the cause of the attack, it can have detrimental effects on your business and impact finances, company reputation, work ethic and future plans. It’s impossible to rid all chances of falling victim to cyber criminals, but following this checklist could significantly reduce your risk of it.
1. Meet regularly with your IT management team
This means you will be made aware of any new challengers that your IT security policy might have to be updated to protect against. Don’t forget that technology is constantly developing and it’s important not to let cybercriminals catch you up. According to PwC, “Most organization’s cyber security programs do not rival…those of today’s adversaries”, so be safe and make sure that yours are up to date.
2. Set up a cyber incident response plan
If things do go wrong, it’s important that your employees know how to respond. A plan is vital to ensure that your company can still function before everything goes back to normal. A major part of the plan should involve identifying the cause of the attack in order to prevent one from happening again.
3. Keep data back ups
Having back up copies of your data is an important step in reducing downtime and data loss after a cyber security failure. If you lose the only set of data you had as a result of a cyber attack, your company could be out of business for a while. However, having multiple copies (more than one copy is desirable) means you can get back to work faster.
4. Train your employees
Sufficiently training your employees will mean that they are educated as to how to act safely and keep any data as secure as possible. Training them will also mean that they know how to react if your business did fall victim to a cyber attack and how to follow your cyber incident response plan efficiently.
5. Keep antivirus software up to date
This may seem like an obvious step in protecting yourself against potential cyber criminals. However, many people ignore update reminders, convinced that it is simply a fad. This is not true.
Of course, antivirus software alone isn’t enough to protect your data, but there is no better place to begin than with basic means of protection. It is important that, if employees use personal devices to deal with company information, that those devices are also up to date with antivirus software.
6. Live systems are not your only risk
Don’t forget cyber security doesn’t end with the life of your computer systems. Ensure all old equipment, especially anything that may have been used to store data, is destroyed securely.
Keeping your company’s, and your clients, data safe is vital to your business. However, employing as many of the suggestions as possible is a great place to start.
[Photo Credit: CeBIT Australia]