Global spending on cyber security has gone from $3.5 billion in 2004 to $120 billion in 2017, and is estimated to reach $170.4 billion in 2022. Despite all this spending cyber attacks continue to increase, and no business is safe. A post in Cyber Security Intelligence lists seven critical security threats and how they can be remedied.
- Malware infections - use anti-virus technology and firewalls. Keep programs up to date. Use automatic updates.
- Phishing attacks - the most common way an organization is breached. Back up data to minimize loss, but the best protection is not to click on unexpected emails (especially with attachments) and to report suspicious emails.
- Bring your own device - a BYOD policy must spell out what is permissible, required security including strong passwords, and what to do if security is compromised.
- Website weaknesses - businesses need protection from Structure Query Language (SQL) injections. Older software may need updated patches. Get a Secured Sockets Label (SSL) certificate from your web host.
- Insider threats - employees should have least privileges needed and be removed from the network when they leave.
- Lack of training and awareness - keep employees updated and able to recognize threats.
- Distributed denial of service attacks - online businesses are especially vulnerable. Have a plan to keep operating. Monitor for others threats while the attack is occurring.
For small and medium enterprises, the most important tips are
1. A strong password policy.
2. Two factor authentication.
3. Automatic software updates.
4. Back up to external hard drive or cloud.
5. Install anti-virus software.