Cyber security has acquired additional importance with WFH culture gaining popularity since last 1.5 years now. Work-from-home or WFH is here to stay. It works for many companies. Many are opting for hybrid models. Many are giving options to the employees to WFH. Either way, cyber security is a necessity now more than ever.
Types of Cyber attacks
There are many. We will have a look at the recent ones here. Pandemic has afforded many
cyber criminals the audacity to steal precious data. They prowl, stalk, study the organizational behaviour and attack!
Malware
Malware is the most popular one these days with the cyber criminals. Today we all have heard of WannaCry and DDoS.
Ransomware
“Your data has been seized. Pay $ in crypto currency at (address). How to find crypto currency? Use your search engine to look for it. Pay within 3 days or else your data will be sent to dark web.”
No one wants to read this message on their computers. But this is how the ransomware operates. One fine morning you login and find this message staring at you from your computer screen.
Crypto currency is every cyber criminal’s delight. It has led to many ransomware attacks on big and not-so-big organizations world over.
Social Engineering
Social engineering also has been around for a while. It has gained momentum due to WFH culture.
Phishing
Most common type is phishing. Website cloning and baiting the vulnerable individuals.
Business emails compromised
This is another one gaining popularity. With similar looking emails the unsuspecting employees are baited.
Cyber-attacks a reality even for SMEs
To think that cyber-attacks won’t happen to my company because we are not that big is a fallacy. Cyber criminals are looking for easy targets. What better target than SMEs? Not just manufacturing sector but even IT companies can be a vulnerable target.
What are the risks of a cyber-attack on my company
Need to assess the risks to which your company may be exposed to. There are many vulnerable points for a cyber-criminal to enter.
Way out
So, what is the way out of this? For SMEs it is imperative to invest a portion of their profits in cyber security. This is as important as investing in physical security. Better safe than sorry
Basic Steps as a corporate to prevent entry
You can implement some basic steps right away
1. Systems
Put systems in place. Ensure strict adherence to the set systems and protocols.
a. Password Manager: Get a password manager.
b. Multi-level authentication: Use multi-level authentication, especially with third party service providers.
c. VPN for office work: VPN for all employees working from home.
d. Data backup using 3-2-1 strategy:
1. Make 3 copies of the data
2. Take backup on 2 different media
3. Keep 1 copy off line
2. Keep your anti-virus software up-to-date
Keep your anti-virus software updated. And don’t forget to restart the computer! You can even think of opting for EDR software. EDR or Endpoint Detection and Response software continuously monitors any external threat and wards it off on detection.
3. Cyber Security consultants
Hire a good cyber security consultant. Get Vulnerability Assessment and Penetration Test (VAPT) done. And follow the advice of the cyber experts.
4. Employee awareness and training
Arrange awareness and training programs for employees. All employees involved in financial transactions must be made aware. They must collaborate with all the stakeholders and be vigilant in making payments.
5. Basic steps at individual level
Today, we don’t just work online and collaborate online. We also shop online, bank online, entertain online. Hence, cyber-attacks are also on the individuals. What can be done? Few pointers to basic safety measures:
a. Use strong passwords at your home Wi-Fi. Keep changing the passwords.
b. Do not store the passwords online.
c. Use multi-level authentication wherever available.
d. Keep office and personal devices separate.
e. Keep the firewall up all the time.
Conclusion
In the end, we can say that forewarned is fore armed. Be aware and protect your precious data. Save your organization