Top 5 cyber risks for small enterprises

1. Phishing

Phishing is an attempt to gain access to sensitive data by impersonating someone you know. Look for spelling and grammar errors, check the source email address and watch for dubious hyperlinks, even if the logos seem OK. Review all the public information posted about the identity of your CEO and CFO, and minimize it to make impersonation harder.

A couple of things to bear in mind:

  • Companies simply do not ask for sensitive information.
  • Be suspicious of unexpected emails.
  • Make use of anti-malware software.
  • Make sure you have spam filters turned ON. Check them regularly in case of false positives.

2. Ransomware

Ransomware is malicious software that, if successfully installed, will encrypt your data. The bad actors using this technique will then prompt you to pay a ransom in exchange for the release of an unlock code. Most ransomware is delivered via malicious emails. NEVER pay the ransom: there is no guarantee that the unlock code will ever work.

What to do to protect your company’s data assets:

  • Personnel awareness: staff should be wary of unsolicited emails, particularly those that insist on a prompt response.
  • Malware protection: install and maintain good anti-virus and malware protection software, including on mobile and smart devices.
  • Software updates: keep your applications up to date.
  • Data backups: a series of well-managed data backups will allow you to recover an unencrypted version of a file.

3. Sensitive Data leakage

The use of smartphones and tablets has become widespread, and these devices are increasingly powerful and can store large quantities of data. It is essential to understand the risk of this data leaking while the devices are connected outside the office. These devices are the preferred target of data thieves.

The following pointers provide useful first steps to prevent data leaking from your organization:

  • Ensure mobile devices have passcode locks.
  • Enable remote wipe functionality in case the device is lost.
  • Encrypt portable storage devices.
  • Keep track of your mobile devices and paperwork at all times.

4. Hacking

Unauthorized access to IT systems from outside an organization, in order to reach bank account information or credit card databases, is a high risk. Intellectual property is another source of value for attackers.

  • The primary methods to protect yourself from hacking are network firewalls, data access security, procedures for providing, removing and reviewing access, and user awareness and training.

5. Insider threat

If your organization employs staff (full time or as contractors), there is a possibility they could leak data by mistake or maliciously. Almost 70% of cybersecurity attacks originate from insiders.

Use these tips to limit the size of any data leak:

  • Educate your team to be alert to issues and minimize unwanted accidental losses.
  • Limit how much data staff have access to. The principles of ‘least privilege access’ and ‘need to know’ should apply to all IT systems. Only provide staff with the minimum access they need to do their roles.
  • Avoid at all costs the use of portable storage devices, such as USB memory keys and removable hard drives.
  • Consider using applications in certain situations to monitor staff behaviour: who copies or transfers what.

It is key to remember that, alongside technology, well-developed processes, procedures and staff training go a long way to protecting your valuable data.
