What is a zero-day attack?

zero-day attack

Provided you’ve read any cybersecurity story in the media recently, you’ve probably come across the phrase ‘zero-day attack’ before. It’s often dropped into reports by journalists with little explanation of what it means or why you should worry about it. So, in the interest of clearing up some confusion, here’s everything you need to know. 

What does ‘zero-day’ mean?

Usually, software companies and developers will periodically fix flaws in their products. However, there are some rare instances where this doesn’t happen and a flaw goes unnoticed.

The term ‘zero-day’ refers to those security vulnerabilities that fall through the cracks. It’s neat shorthand for developers having only just discovered the flaw and limited time (zero days) to fix it.

A zero-day attack happens when the bad guys get there first and hackers exploit the flaw before the developers discover it. 

How do zero-day attacks work? 

All software, no matter how robust initially, develops vulnerabilities over time. It could be that the software was built with vulnerabilities that weren’t anticipated at the time or it might be that a new cyber threat has emerged since it was created.

Whatever the reason, the fix is usually simple. Developers create a patch, release it in an update to users, and the vulnerability is dealt with. Think of it as being a bit like your mum fixing your school trousers after you fell over in the playground for the umpteenth time.

Unfortunately, this doesn’t always happen and hackers get there first. And, as long as the vulnerability goes undetected, cybercriminals can write and implement code to exploit it. This could allow them to steal confidential data, launch social engineering attacks, or even release malware onto users computers. 

This can go on for as long as the vulnerability remains undetected; sometimes days or even months. What’s more, even when the flaw has been fixed and an update released, it may take some time before every user updates their device. After all, an update is only as good as the number of users who download it. 

How do you know when a zero-day attack has happened?

A zero-day attack is particularly dangerous because the only people who know about it are the cybercriminals themselves. This allows them to pick their moment, either attacking instantly or biding their time.

Because vulnerabilities come in many shapes and sizes from problems with password security to broken algorithms, they can be very hard to detect. Often, a business won’t know there’s anything wrong until the vulnerability has been identified.

Nevertheless, there are some telltale signs. You might see sudden surges in unexpected traffic, odd behaviour from software you’re using, or suspicious scanning activity. 

Are there any famous examples?

Incidents involving zero-day vulnerabilities are more common than you might think. Only days ago (early Feb 2022), it was revealed that three critical flaws in the code for a WordPress plugin threatened 30,000 websites worldwide. Fortunately, on this occasion, WordPress appear to have got there before the bad guys, but there are plenty of examples when businesses weren’t so lucky.

Zoom, 2020

In this instance, hackers found a vulnerability in the popular video conferencing platform Zoom. It allowed cybercriminals to remotely take over the computer of anyone using Zoom and running an older version of Windows.

Microsoft Word, 2017

In a horribly alarming twist, this attack used a vulnerability in Microsoft Word to steal users banking login data.  Users who opened seemingly normal Microsoft Word documents unwittingly installed malware on their device that was able to collect banking login credentials. 

Apple iOS, 2020

Apple is generally famous for its impregnable security (remember the old myth that Apple Macs couldn’t get viruses?). However, in 2020, hackers did discover a vulnerability in its iOS mobile operating system. This flaw allowed cybercriminals to remotely access and control unlucky users iPhones.

What can you do to protect your business?

Update your software regularly

The easiest way to protect your business against zero-day attacks is to regularly patch your software and operating systems. It shouldn’t take you more than a couple of minutes each month. All it requires is that you check now and then for any new updates to tools and software you use. Or, if you want an even easier solution, simply turn on auto-updates in your device’s settings, and you won’t even have to think about it.

Use a firewall and anti-malware

Firewalls and anti-malware tools are the first line of defence for most cybersecurity threats and zero-day attacks are no different. Good firewalls and anti-malware can thwart some zero-day attacks the minute they enter your system. 

Limit the number of applications you use

Most businesses already do this to some extent, software costs money after all. However, when it comes to protecting your business against zero-day threats a simple maxim applies: the less software you have, the smaller the number of potential vulnerabilities. So try to use only the software and tools your business really needs. 

Educate your team 

Most zero-day attacks capitalise on human error in some way. So educating your employees on good security practices and habits can help reduce the risk of a successful zero-day attack. For more on how to go about this, check out our blog on security training

Protecting your business on a budget is tricky. Calling in the experts or investing in the latest tools is expensive. So what can you do? CyberSmart Active Protect secures your business around the clock with no need for costly consultants, tools or an in-house team. Try it today.

Active Protect CTA

What is a DDoS attack?

The cybersecurity industry has long had a reputation for impenetrable jargon, be it tools, threats or solutions. So, in this blog, we’re demystifying another confusing term. What are ‘DDoS attacks’? Why should you be worried about them? And, most importantly of all, what can you do to stop them?

How does a DDoS attack work?

DDoS stands for Distributed Denial of Service. And it’s a very simple but potentially very disruptive premise. Cybercriminals pick a target, then flood its network with so much malicious traffic that it can’t operate as it usually would. The result is that legitimate traffic (such as shoppers or readers) grinds to a halt. 

You’ve probably seen this technique used before without necessarily putting a name to it. Google was hit with the largest attack on record in 2017. Meanwhile, Amazon Web Services fell foul of a gigantic attack in February 2020

How common is this kind of attack? 

DDoS attacks are more common than you might think and they’re on the rise. 2020 saw a 151% increase in the frequency of attacks in comparison to 2019. And, to make matters worse, cybercriminals are increasingly targeting small businesses with this kind of attack. 

How much damage can a DDoS attack do? 

A DDoS attack is highly disruptive for any business. But for big corporates, it’s usually something they can swallow. After all, for a multi-billion dollar business, a few days lost revenue and some disgruntled customers don’t have to spell disaster. 

However, for a small business, a DDoS attack can have serious consequences. A successful DDoS attack can take down entire websites and systems. This could mean lost revenue, breached data, reputational damage, dissatisfied customers, and a massive cleanup effort to get systems back up and running. In other words, a potentially critical situation for a small business with limited resources. 

What can you do to protect your business? 

We’ve painted a pretty scary picture so far. But that doesn’t mean small businesses are defenceless in the face of DDoS attacks. There’s plenty you can do to help your business avoid the worst-case scenario. 

Use a Web Application Firewall (WAF)

A WAF blocks suspicious traffic and prevents DDoS attacks from accessing your business’s servers. And, the best thing about a WAF is that it’s easy to customise for your business. For example, if you mostly do business in the UK, you could configure it to block all non-UK traffic. Or, you could take it a step further and blacklist traffic from markets renowned for attacks.

Of course, like all software, you need to ensure you’re patching regularly for it to be most effective. 

Learn to spot the signs

We’re always talking about the importance of security training for your staff and our advice is no different when it comes to preventing DDoS attacks. One of the key reasons that DDoS strikes are so hard to stop is so few people know how to recognise them – until it’s too late and business systems fail.

To give an example of what we mean, did you know a sudden surge in traffic – even for just a few minutes – could signal the start of an attack?

Even basic cybersecurity knowledge among staff about what the threats are, how to spot them, and what to do in the event of an attack, can help your business get a head start on cybercriminals.

For more on security training, read this

Be mindful of your supply chain

A huge proportion of cybersecurity attacks now begin in the supply chain. And, unfortunately, this includes DDoS attacks. Most SMEs are part of a supply chain and lack the security resources of larger partners, making them an enticing way for cybercriminals to attack more glittering prizes. 

These ‘attacks through the back door’ are becoming increasingly common. US retail giant Target was fined $18.5 million after a breach at its air conditioning partner led to the leak of millions of credit card details. 

So talk to your suppliers and partners about their cybersecurity practices and share experiences and advice. For those below you in the chain, this may mean asking for proof that their cybersecurity is in order. And for the bigger companies you service, this could mean agreeing to shared security practices and transparency in the event of a breach. 

Protecting your business on a budget is tricky. Calling in the experts or investing in the latest tools is expensive. So what can you do? CyberSmart Active Protect secures your business around the clock with no need for costly consultants, tools or an in-house team. Try it today.

Active Protect CTA

Everything you need to know about firewalls

Firewalls

Firewalls can appear complicated at first glance. However, in reality, they’re easy to set up and offer an important defence against cyber threats. So, to help you better understand firewalls and how to protect your business, here’s everything you need to know. 

What is a firewall? 

A ‘firewall’ is a tool that protects your home or office systems from malicious traffic on the internet. 

Think of it as a well-armed bouncer, checking anything that enters your network for threats. It creates a barrier between a ‘trusted network’ (such as your office) and an ‘untrusted network’, like the internet. 

Firewalls keep your devices operating reliably. But they also protect you from a variety of threats, such as DoS (Denial of Service) and malicious packet attacks.

Most modern devices contain a firewall of some kind. You’ll find one built into your laptop and internet router, although, crucially not on most smartphones. Many businesses also set up a separate hardware firewall in addition to the one built into devices for an extra layer of security. 

Where does the term ‘firewall’ come from? 

The term ‘firewall’ has an interesting history (no, really). The term originally refers to a wall built to contain a fire between adjacent buildings. Later, it was used to describe the metal sheet that separates the engine compartment from passengers on an aeroplane. 

It wasn’t until the 1980s that ‘firewall’ first became synonymous with the internet. The term appeared in the 1983 computer-hacking movie WarGames to describe the act of filtering data coming through routers and possibly inspired its later use.

How does a firewall work?

Firewalls analyse all incoming traffic based on a set of pre-set rules. The rules are then used to filter out anything malicious or suspicious and prevent attacks. 

The slightly more technical explanation is that firewalls filter traffic at a computer’s entry points or ‘ports’. These ports are where information is exchanged with external devices. For example, a rule might look something like this:

Source address 172.18.1.1 is allowed to reach destination 172.18.2.1 over port 22.”

A great analogy for understanding this is to think of an IP address (the unique number that identifies your device) as a house and port numbers as rooms within the house. Only trusted people (IP addresses) are allowed to enter the house at all. Then, once in the house, trusted people are only allowed to access certain rooms (destination ports). 

It’s much like hosting a party at your house, in that you’d probably keep some rooms off-limits. Perhaps there are some rooms that could pose a threat to children or maybe you just like your privacy, either way, the same basic principle applies to firewalls. Trusted devices are only allowed access to certain places. 

Why are firewalls important? 

Simply put firewalls are a vital first line of defence. To return to our bouncer analogy from earlier, without a doorman anyone can enter the building. Without a firewall, anyone can get into your business. 

It’s not difficult for even a relatively unsophisticated cybercriminal to probe your organisation’s devices in an attempt to break into your systems. Without a properly configured firewall, they’re much more likely to succeed. 

What’s more, the consequences can be disastrous. Not only will hackers gain access to your data and potentially leak it or use it maliciously, but the financial hit can also be severe. According to insurer Hiscox, the average cost of a breach for an SME is £11,000, and that’s before we even consider reputational damage or fines from regulators. 

A properly configured, maintained and monitored firewall will go a long way towards protecting your business. 

But what do we mean by ‘properly’ configured? Well, for your firewall to work optimally, you need to ensure it has the power to manage normal and encrypted internet traffic without slowing down your devices or compromising security. A good IT support partner can help you do this or, alternatively, automated tools like CyberSmart can guide you through the process yourself. 

Firewalls and Cyber Essentials 

You might be reading this article because you’ve come across the firewalls section of the Cyber Essentials questionnaire. Or perhaps you’re considering completing Cyber Essentials certification for your business. 

Either way, the section of Cyber Essentials dealing with firewalls can appear confusing. But, in reality, it’s very simple. You’ll be asked about which firewalls you have in place, whether they are password protected and ‘accessible’ services.

The first two elements are self-explanatory. All you need do is list the firewalls you use and set up password protection for them if you don’t already have it (the questionnaire or one of our team will provide guidance on how to do this). However, ‘accessible services’ is a little more complicated. 

What does ‘accessible services’ mean? 

‘Accessible services’ is the traffic that is approved to pass through the firewall. In an office environment, your firewalls will usually be configured so that IT support can access anything they need to. However, most of us aren’t working in an office at the moment and home routers are often set up to block all services as default. 

Sadly, working from home doesn’t mean the end of all IT troubles, so your remote workers may wish to allow external access to their personal router. If this is the case, then it’s best practice to allow a single, static IP address through the firewall. That way, you can be sure your IT support team, and only the IT support team, has access. 

And that’s all there is to firewalls. Hopefully, this has answered most of your questions but, if there’s anything else you’d like to know, please get in touch with one of our team.

Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.

CTA button

Essential cyber security terms: decoded

If you’re like most people, no one ever taught you how to use a computer. Not properly. They aren’t like cars. Rightly so, we force excitable teenagers through a host of training before we let them behind the wheel. They spend months in lessons learning the basics of how to use it, maintain it, and control it before they can be trusted to take it out on the road.

No, at some point most of us just sat down at a screen, ignored the instruction manual, and relied on some well-designed user interfaces to figure it out ourselves.

This is a dangerous game. Your computer is not an isolated piece of hardware. It is linked to that greatest of connectors and stores of information- the internet.
These computers have access to your banking details, your shopping preferences, your personal data and correspondence and most of the time we’re operating them with very little training or testing.

As the world of cyber security develops, it’s important that businesses and customers have at least a rudimentary knowledge of basic terms which they may come across as they live and work via their computers. You don’t have to be an IT technician to protect your device, just as you don’t have to be a mechanic to check your oil.

We’ve compiled a short list of some of the most common terms in the cyber security world and what they mean for you. So hopefully, next time you see a prompt for two-factor authentication, you’ll take them up on it:

Antivirus
Antivirus software is used to prevent or remove unwanted malware from infecting a computer. Using this software provides a computer user with a safer working environment and a more efficiently operating computer. There are lots of companies offering anti-virus software including Avira, Symantec and McAfee.

Breach
An incident in which data, computer systems or networks are accessed or affected in a non-authorised way. Also known as a ‘hack.’

Bring your own device (BYOD)
An organisation’s policy that allows employees to use their own personal devices for work purposes.

Cloud
Where shared compute and storage resources are accessed as a service (usually online), instead of hosted locally on physical services. Resources can include infrastructure, platform or software services.

Digital footprint
A ‘footprint’ of digital information that a user’s online activity leaves behind.

End user device (EUD) or end point
Collective term to describe modern smartphones, laptops and tablets that connect to an organisation’s network.

Firewall
A network security system that monitors and controls incoming and outgoing network traffic. Establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.

Malware
Malicious software – a term that includes viruses, trojans, worms or any code or content that could have an adverse impact on organisations or individuals.

Patching
Applying updates to firmware or software to improve security and/or enhance functionality.

Pentest
Short for penetration test. An authorised test of a computer network or system designed to look for security weaknesses so that they can be fixed.

Two-factor authentication (2FA)
The use of two different components to verify a user’s claimed identity such as a password and text to your mobile device. Also known as multi-factor authentication.

Why Cyber Essentials is Important for SMEs

Over the last few years, cyber attacks have become an imminent danger for businesses. With this growing threat, cybersecurity is now a responsibility rather than a luxury.

Despite this, most SMEs are at risk of being breached either through a lack of awareness or the lack of action. This is a concern for SMEs since the fines and costs associated with cyber attacks can put them out of business.

A KPMG survey suggests that only 23% of small businesses prioritise cybersecurity as a top concern. This is being said even though 60% of small businesses have experienced a cyber breach that led to brand damage and loss of clients.

As an SME, this is the right time to act and move forward with the cybersecurity agenda. The UK Government is helping these businesses by providing a range of standards and guidelines. The most useful of these perhaps is Cyber Essentials, particularly for small businesses.

In this blog post, we highlight benefits of Cyber Essentials for SMEs.

What is Cyber Essentials?

Cyber Essentials is a scheme backed by the UK government that was launched in 2014. The standard provides simple but effective guidelines that protect organisations against cyber attacks.

The primary aim of this scheme is to encourage and guide organisations to adopt the best practices in their information security strategy. Once fully implemented, Cyber Essentials will provide organisations with basic protection against the most prevalent cyber threats.

Even though it is not the silver bullet to cybersecurity, it is the first step in the right direction for SMEs to protect themselves in this age of cyber warfare.

Benefits of Cyber Essentials for SMEs

There are a number of benefits that SMEs can look forward to when getting certified for Cyber Essentials. Here are four reasons why Cyber Essentials is important for SMEs.

1.      It helps protect against common cyber attacks

A majority of cyber attacks exploit basic weaknesses in organisations such as the lack of updated software or well-configured firewalls. Often, these types of attacks are simple to defend against with straightforward strategies and Cyber Essentials provides those.

While there is no security strategy that will stop a hundred per cent of the attacks, Cyber Essentials helps organisations mitigate the risks of the most likely ones by providing a strong base for SMEs to work with.

2.      It prepares you for being GDPR compliant

The General Data Protection Regulation (GDPR) came into force earlier this year across the EU. As part of this regulation, organisations that are processing personal information of EU citizens need to protect this data against data theft and unauthorised access. If an organisation is found to be negligent to the GDPR in the event of a breach, the business could face fines of up to 4% of their global turnover.

Following the Cyber Essentials scheme can assist businesses in preventing these heavy fines and prepare them for compliance with GDPR. Even though the GDPR requires a lot more than the five controls in the Cyber Essentials scheme, the latter allow you to audit your internal security and fend off the basic security threats. It is the first step towards preparation of GDPR compliance for SMEs.

3.      It enables you to bid for government contracts

The UK Government has made it mandatory for suppliers to be compliant with the Cyber Essentials scheme to be eligible to bid for government contracts.

If a contract involves certain technical services or handling of sensitive information, then you need to be Cyber Essentials compliant. Therefore, for SMEs that are looking for a government contract, Cyber Essentials is the only way forward.

4.      It shows customers and vendors that you take cybersecurity seriously

Customers and even vendors can often be sceptical in dealing with you if you display little or no concern for cybersecurity. Becoming Cyber Essentials certified can help you establish the trust of clients and partners.

Once you are certified, you will be able to display a Cyber Essentials badge on your business website. This badge proves to customers, vendors, and investors that you take the security of systems and integrity of data seriously. This is particularly important if you are storing, processing, or transferring personal information or hosting sensitive data.

Conclusion

SMEs are as likely, if not more, as large organisations to be at risk of a cyber attack. An important step that SMEs can take to improve their cybersecurity is to get Cyber Essentials certified. This has a number of benefits including protection against prevalent cyberattacks and a competitive advantage for bidding on government contracts.

CyberSmart partners with SMEs to advise them on how to become compliant with leading schemes and standards such as Cyber Essentials. If you would like to learn we can help you become Cyber Essentials certified or Cyber Essentials in general, get in touch.

How long is Cyber Essentials valid for?

Following on from our last blog post, “Steps to prepare and pass Cyber Essentials” this post builds on that advice and discuses the time it takes to achieve certification.

Cyber Essentials scheme encourages businesses to adopt best practices to protect themselves against common security threats. With time, the variety and complexity of these cyber threats are increasing, consequently, cybersecurity standards such as such as Cyber Essentials are constantly evolving their requirements.

This is the reason most standards and schemes have a validity period for their certification. Cyber Essentials is reviewed annually and the UK Government recommends that all certificate holders must review their certification annually to remain on the official register of certified businesses.

In this blog post, we discuss the validity period for Cyber Essentials and how the recertification process works.

How much time does it take to get your business certified?

When you apply for Cyber Essentials, and following payment of £300 plus VAT (at the time of publication), you will receive a self-assessment questionnaire. You have up to 6 months to submit the questionnaire to the certifying body for review and a decision on your certification. If you fail to submit your self-assessment questionnaire within this period, your application will be cancelled, and you will have to make the payment again.

On average, we have found that it takes small businesses around 2 weeks to complete their assessment.

Following submission, it usually takes on average 3 days for the certification body to give you a response. If everything is in order, they will award you your Cyber Essentials certification.

In the case of Cyber Essentials Plus, the process takes a little longer and will typically involve an additional on-site audit and a system vulnerability scan from a registered competent contractor.

Depending on the time and size of your business, it can take up to 6 months to receive a Cyber Essentials Plus certification.

How long is your certification valid for?

There is no definitive period of validity for a Cyber Essentials certification. But, the UK government recommends that businesses renew their certification annually. If you fail to renew your certification within a year, you will be removed from the list of certified organisations.

Cybersecurity is continuously evolving with new requirements and best practices being established every day. To keep your business protected, it is important you stay updated with these new developments. Re-certifying helps demonstrate to your clients that you are improving your security to counter newer threats.

Your accreditation body should inform you by email around a month before you are expected to re-certify. When you receive this email, it is a good time to start preparing for the re-certification process.

How long does will it take to re-certify?

The recertification process is almost the same as the certification process.

Therefore, time durations are similar and you should receive your updated certification within 3 days of you submitting your assessment.

You should factor in the personal time and investment to re-enter all the original information from your previous applications to the recertification questionnaire as the sequence and content do change annually to reflect the changing security environment and requirements for cybersecurity.

In case of changes to the security infrastructure of your organisation, your answers should reflect the changes. If there are no changes, then you can copy and paste the answers from the questionnaire that you filled the previous year.

Conclusion

The bottom line is that you and your business need to re-certify annually to retain your accredited Cyber Essentials registration. The scheme’s current certified businesses are registered on a publicly accessible register, so there is no hiding if you have not completed your annual recertification.

The benefits of getting re-certified include improved protection against emerging cyber threats and reduced risk to your business through an annual review of your adherence to compliance standards.

CyberSmart is an automated compliance service that helps businesses seamlessly track and renew their Cyber Essentials certification. In our next post, we will look at how CyberSmart has been proven to speed up the process for you and your business, saving valuable time, effort and potentially cost. If you would like to learn more about how we can help you remain protected and compliant, get in touch with us right away.

My Business Is Scaling; How Do I Secure My Customer Data

Whether it be personal or operational, stolen data often results in disaster for small businesses. It can result in loss of revenue, customer trust, and reputation for the business. Data breaches are a growing concern for UK businesses, particularly the ones that are scaling to expand their operations.

Implementing security measures at a small-scale is easy, but as your business grows, it becomes more difficult and complex implement efficiently. In this blog post, we provide some effective tips on how businesses can secure their customer data as they scale.

Encrypt your data

One way to increase the security of your confidential data is to store and transmit it in an encrypted format. This keeps your data secure even if hackers get access to it. The encryption renders the information unreadable and hence unusable by the hackers.

Encryption is a great prevention technique that solidifies your organisation’s defences against hackers. There are numerous encryption techniques and standards that can be used to protect your data. Consult with your service provider or security expert on which one you can use to ensure data confidentiality.  

Disable remote access

Most data breaches can be attributed to hackers gaining remote access to the network. To protect your business against this, it is recommended that you limit remote access to your network.

This can be achieved by disabling remote access from all external networks. Or, a possible way of limiting remote access is to whitelist devices that can remotely access your network. The remote access should be disabled for all other devices other than these.

Limit data accessibility

Access control or limiting data accessibility is an effective way to secure control data. It limits users within your network to access only the data that they need for their job.

Regardless of how well-known or trusted an individual is, their access to information should be restricted. For third-parties such as clients, you should create guest users that can only access the information that you wish to share with them.

There are several benefits of using access control. Firstly, it helps you to hold users accountable in the case data is illegally manipulated. Secondly, it allows for damage control in the case hackers breach your network and gain access to a user account. The hackers will only be able to access the information which the breached account can.

Educate your employees

Employees are integral to an organisation’s information security plan. Hackers can breach even the most advanced cybersecurity defences because of a simple mistake by an employee. For instance, you might have a strong password policy but if hackers can still manipulate employees to give away their passwords.

To prevent this, it is important to educate your employees. This can be done by implementing an information security policy and conducting training sessions. The information security policy should provide best practises and guidelines for employees. For instance, it should require employees to not share their personal information with anyone.

In the case of a breach, your information security policy should provide guidelines on what employees should do. New employees should be made aware of the information security policy and how to comply with it through training sessions.

Conclusion

It is essential for businesses, particularly SMEs that are growing, to secure their customer data. A breach can result in severe financial loss and irreparable reputation damage. Fortunately, you can take some measures to protect your information as your business expands. You can encrypt your data, limit remote access and data access, educate your employees, and monitor data for insider attacks.

CyberSmart partners with businesses to help them protect themselves from 80% of attacks. We provide automated compliance services that ensure businesses follow best practises for security. Feel free to reach out to us if you would like to learn more about how to secure your customer data.

Free Ways to Protect Your Business from Cyber Attacks

Cyber attacks have grown significantly in number over the years. Among these attacks, small businesses and startups are the most common targets. Factors such as the lack of access control or absence of an information security policy make businesses vulnerable to breaches.

It has become essential for SMEs to remain vigilant. As a business owner, you need precautionary steps to protect yourself against cyber attacks.

In this article, we guide you on how you can protect your business from cyber attacks, free of cost.

Develop a strong information security policy

The first step towards protecting your company from cyber attacks is to develop a strong security policy. Such a policy should consist of rules and guidelines that cover all aspects of the company’s cybersecurity. It is not important to just create an information security policy, but to enforce it as well.

In the 2016 cyber security intelligence index, IBM found that 60% of their cyber breaches involved employees. Even though most of these had wrong intentions, more than one-fourth of these incidents happened mistakenly, when the employees opened spam pop-ups, emails, or links.

This is the reason it is important to make sure that employees are aware of the information security policy. Documenting a formal security policy with detailed guidelines is the best way to keep your employees aware.

For instance, a clause found in most security policies is to make sure that strong passwords are used. For making the employees aware, you can document and pass out requirements such as passwords should be a minimum of 8 characters in length with special characters.

Similarly, a strong information security policy should have rules to minimise risk from the use of personal email, public Wi-Fi, third-party software, and external URLs and links.

Make use of encryption

All data that is saved on a company’s server or the cloud should be encrypted. The encryption of data ensures that even if data is breached, it cannot be used for malicious purposes.

Basically, encryption converts the data into an unreadable format until a specific key is provided to access the data. You can use a software or hire a third-party vendor for this purpose.

Businesses store confidential information about employees and customers such as their credit card information and national insurance number.

It is essential that you protect this information from getting breached in the first place. However, as a fail-safe, encryption should be used to prevent hackers from accessing the information.

Control access to restricted information

A simple rule of thumb for businesses should be: all information should not be available to everyone. This is because it makes your business more vulnerable. The more accessible your information, the higher the number of possible entry points for the hackers.

Sensitive data such as employee or customer information should be accessible by certain people only. This is known as access control. With access control, there are fewer chances of access by an unauthorised person.

This is an important step for securing your company from cyber attacks. You can implement access control by simply defining user roles and establishing user types within the system.

Once access control has been implemented, you should conduct a session to inform employees about compliance with the rules. For instance, you should tell them what kind of access is unauthorised, and who is allowed access to what data.

Update software and operating systems

A common entry point for hackers is by making use of known exploits in software and operating systems. Therefore, the developers of such software provide regular updates and patches to fix known exploits.

Cybersecurity is not concerned with the use of high-end premium software, but rather how updated your software is. It is best practice to always keep your software and operating systems updated. Schedule your systems to auto-update whenever a security patch or update comes out to minimise vulnerabilities.

Conclusion

With cybercrimes on the rise, businesses are now in an urgency to protect themselves. You can improve your business’ cybersecurity by following the strategies that we have outlined above.

Even if you cannot spend considerably on cybersecurity, these free ways will help you protect your business from cyber attacks.

CyberSmart knows the importance of protecting yourself against breaches. If you are looking for more information on the strategies above, or would like to learn about how to protect, contact us to get in touch with a professional from our team. We will help you strengthen your defenses without having to empty your wallet.

Why do businesses only care about cybersecurity once they get hacked?

Small and medium sized companies are putting a third (32%) of their revenue at risk because they are falling for some of the common misconceptions around cyber security, leaving them vulnerable to losing valuable data and suffering both financial and reputational damage.

Organisations in any industry face this risk. Due to the capability and sophistication of attackers securing personal data will always be in development. There is still reasons to make it as hard as possible and not be victim to the most basic attacks.

We’ve written a list of the most common reasons organisations get hacked and how you can avoid them.

Difficult to visualise the impact of risk mitigation

Businesses are always looking to increase their growth rate. At early stages, startups tend to spend a high percentage of their time in building innovative features & investing in user acquisition. This usually leaves behind little to no budget for investing on other things such as cybersecurity. Similarly, enterprises need to meet revenue goals for each quarter to maintain their stock prices.

It is often difficult to convince such startups and revenue-driven companies to invest their money in projects that do not directly contribute to an increase in revenue. Planning ahead will save you money in the long term, and cybersecurity is something you should insure your organisation with sooner, rather than later. Pro-active defense rather than reacting to a breach.

It is difficult to quantify how much damage such a breach can cause. In some cases, it can be something trivial that doesn’t require public disclosure (still reported to the ICO). Whereas in other cases, it could permanently damage an organisation’s reputation.

Lack of incentives

Attempting to hack systems is inexpensive. Yet, a successful hack can lead to huge profits for hackers through extortion and theft. The payoff of a successful hack against the relatively little investment is an incentive for hackers.

On the other hand, when businesses take measures towards cybersecurity, there is little incentive to look forward to. From a day-to-day’, high street business perspective, it is not perceived a valuable incentive. Even though the benefits of implementing cybersecurity measures far outweigh the losses.

When your organisation takes out an insurance, you pay your premiums upfront before benefiting from the protected losses in an unplanned event such as a fire or break-in. The same attitude should be considered when protecting your business with cybersecurity, you will be grateful for having put in protections earlier rather than once you’ve been hacked.

Indeed, the motivation for hackers is far greater than the motivation of businesses to protect against them. Think long term, and think about the headache you will prevent from having to deal with a critical situation.

Inadequate training of employees

For the most part, technology can keep its own attackers out. However, it is often the technology users that unknowingly allow hackers and malicious software in.  We have seen that on most occasions, computers are not the points of failure, but instead it is the people who are targeted in social engineering attacks. These attacks are used in a variety of ways to trick employees into providing their sensitive information. For instance, hackers might impersonate officials or large companies/orgs via email, SMS or phone calls. Commonly known as phishing, SmSishing & vishing.

Even if a business has covered cybersecurity from a technological perspective, there is more to be done. Social engineering attacks, can be easily prevented by holding regular training sessions for employees on information security. Emphasising a culture which provides an adequate reporting process without inducing fear on staff job security. Educating employees is one of the best tools to protect your business’ cybersecurity.

Absence of an information security policy

Cybersecurity is not just about intrusion detection and prevention. A key part of it is about ensuring that preventive measures are in place to reduce the risks of intrusion in the first place. This human element is one part of cybersecurity that most often gets ignored.

Any organisation that wants to strengthen its cybersecurity needs a detailed set of guidelines that address these ‘humanistic’ issues. This is where it is important to have an information security policy in place. A well-written information security policy addresses subjects such as password protection, software updates, and access to web content.

It is important to mention that an information security should be documented in a manner that is easy to understand for employees. It is one thing to create a security policy, but the key is to actually implement it within an organisation.

Conclusion

Most businesses feel that cybersecurity is an overhead cost to their operations. It is not until these organisations suffer significant losses to breaches that they realise how important cybersecurity is. With the rise in cyberattacks over the last few years, it is now time for businesses to all sizes to start taking cybersecurity seriously.

CyberSmart provides cost-effective cybersecurity compliance that help businesses protect themselves. If you would like to discuss further on the importance of cybersecurity for your business, feel free to reach out to us.

Top 10 Antivirus Products to Use for Cyber Essentials

Keeping computer systems protected against viruses and other forms of malware is one of the first steps towards cybersecurity for an organisation. This is one of the five key requirements of the Cyber Essentials scheme that organisations need to fulfil. The most effective strategy for meeting this requirement is to make use of an antivirus product that can keep unwanted malicious content and programs away.

However, with a wide variety of antivirus products available out there, it can be difficult to choose the best one for your organisation. When choosing an antivirus solution, organisations need to keep a number of factors in mind including the pricing, features, and platforms it supports.

To assist you in making the right decision, we have listed the top 10 antivirus products that you can use when preparing for a Cyber Essentials certification.

1.      Trend Micro Worry Free Advanced

Trend Micro provides comprehensive protection against malware and viruses in the form of its Worry-Free Business Security Advanced antivirus solution. It covers all the basics antivirus features such as real-time scans and scheduled scans and comes with advanced features such as anti-spam, web content filtering, ransomware shield mobile device management, and email security. Additionally, the antivirus software can detect malicious activity through USB ports and external devices to provide security against physical breaches as well.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

2.      Panda Endpoint Protection Plus

The Panda Endpoint Protection Plus is highly rated as one of the best enterprise antivirus products because of its advanced features and budget-friendly price. The antivirus suite comes with a well-designed management console that enables you to monitor systems in real-time. It can protect your systems against basic as well as advanced threats such as malware, spam, malicious web content, and viruses. Even though this antivirus product can sometimes slow down your computer systems, it is a choice worth considering, particularly for small businesses.

Platforms it is available on: Android, Microsoft Windows, macOS, Linux.

3.      Norton Small Business

Norton Small Business provides tailored features to small enterprises, although the protection remains the same as the ones used by large organisations. Other than providing all the basic features for protection, Norton’s Small Business antivirus product provides protection across different devices with a single license. You need a single program to protect both remote and in-office systems and manage them over the cloud. Overall, it is a good value option with a simple installation and configuration process.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

4.      Kaspersky Small Office Security 5.0

An effective and user-friendly antivirus software that you can use to keep your systems protected is Kaspersky Small Office Security 5.0. According to independent testers, it blocks more than 99% of malware and associated hacking attacks. The features include real-time protection, anti-spam, content filtering, and firewall. The firewall is a welcome feature that can prevent unauthorised access to your data, along with strict control of your browsers that disallow access to malicious web content.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

5.      Bitdefender GravityZone Business Security

Bitdefender’s GravityZone Business Security is a good option to consider if you want a high level of protection against malware threats across devices. Even though the installation and setup process of this product is quite lengthy, the antivirus software is quite simple to use once you pass those stages. The features include real-time protection, URL filtering, firewall, anti-malware, and web advisor among others. However, unlike most other antivirus products on this list, Bitdefender does not provide device location services for finding lost devices with this solution.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

6.      Sophos Endpoint Protection

The Sophos Endpoint Protection antivirus is suitable if you are looking for basic protection at a low-cost. Even though it is not as good as the other antivirus products in this list in terms of usability, it does a fair job in keeping away malware and viruses. The plus point is that it is much cheaper than other solutions so it can be a suitable choice for SMEs. The Sophos Endpoint Protection Advanced provides advanced protection feature such as blocking suspicious URLs and monitoring user behaviour to detect threats.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

7.      ESET Endpoint Security

ESET Endpoint Security is a great all-in-one antivirus solution that provides you with protection against all kinds of malware including trojans, viruses, and ransomware. Like Bitdefender, the ESET can be difficult to install and configure but once everything has been set up it works perfectly in protecting the devices within your organisation. Other than its good overall performance, its adjustable pricing policy makes it an option worth considering for SMEs.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS, Linux.

8.      McAfee Endpoint Security

McAfee Endpoint Security is a cloud-based antivirus product that helps you secure and protects all internet-enabled devices within your organisation. It provides a variety of features that help in preventing, detecting, and eliminating malware from computer systems. The excellent customer support provided via multiple channels (email, live chat, and phone) make this a good choice for an antivirus solution.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

9.      Symantec Endpoint Protection

Symantec is a renowned company in the cybersecurity industry, particularly because of its feature-rich product. The Symantec Endpoint Protection Business is widely appreciated because of its high-performance and functionality. It provides a range of advanced protection features including intrusion prevention, firewall, behaviour monitoring, multi-level security policies, remote data management, and device location.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS, Linux.

10. Avast Business Antivirus Pro

Avast Business Antivirus Pro is a reliable antivirus product that comes with a range of malware protection features. The antivirus software provides advanced protection features including browser protection, firewall, anti-spam, remote control options, email protection, and basic antivirus. It provides protection against third-party software installation by providing sandboxing that enables you to run applications in a ‘secured’ environment.

Platforms it is available on: Android, iOS, Microsoft Windows, macOS.

Conclusion

Regardless of how small or large an organisation is, one of the key steps that it can take to protect itself against cyberattacks is to use an effective antivirus solution. This is a major requirement that organisations must meet in order to be compliant with Cyber Essentials.

CyberSmart is an automated compliance service that helps organisations simplify the process of getting certified with leading standards such as Cyber Essentials. If you have any questions about which antivirus product you should choose for your business, get in touch with our experts right away.