We have put together some Frequently Asked Questions to help you understand what Cyber security is and just how important it is to be aware of the dangers in the cyber world.
What is Cyber security?
Cyber security consists of technologies, processes and controls which have been designed to protect businesses and their systems, networks, devices and data from cyber-attacks. Cyber security aims to protect all computer systems from being seriously damaged or leaving the victim with no/limited access to their own confidential files.
What is the average cost of a cyber attack (data breach)?
The Ponemon Institute’s 2019 Cost of a Data Breach Study reported The global average cost of a data breach for the 2019 study is $3.92 million, a 1.5 percent increase from the 2018 study. The report also found that the average cost per record is $150.
What are the differences between a cyber incident, cyber attack and cyber threat?
A Cyber security ‘incident’ is when an attack doesn’t result in a breach to the business i.e. is successfully repelled & the company’s data isn’t compromised.
A Cyber security ‘attack’ is when the businesses firewall has been breached and they have been impacted by it ie they have lost access or confidential data has been leaked etc.
A Cyber Security ‘threat’ is when there is a possibility of a malicious attempt to damage or disrupt a computer network or system.
What is cyber hygiene?
Cyber hygiene refers to the practices and steps that all computer or device users within a business take to maintain and continuously improve their security both on and offline. These practices are often part of a routine to ensure the safety of identity and other details that could be stolen or corrupted.
What steps can I take to improve my cyber hygiene?
1. Install a reputable antivirus and malware software
2. Protect computer with robust firewalls and secure routers
3. Update all software regularly
4. Set strong passwords
5. Enable Multi-Factor Authentication
6. Employ Device Encryption
7. Back up regularly
8. Keep your hard drive clean
9. Secure your router
For more information visit: https://us.norton.com/internetsecurity-how-to-good-cyber-hygiene.html
What is a firewall and is it enough to protect from a cyber attack?
A firewall sits between a computer (or local network) and another network (such as the Internet), controlling the incoming and outgoing network traffic. Without a firewall, anything goes. With a firewall, the firewall’s rules determine which traffic is allowed through and which isn’t.
A company can still be breached either internally or externally despite having a firewall in place. This means that your firewall needs to be continuously checked and regulated by an external party to determine if your network can be penetrated
To ensure your company is secure you must not just rely on a single form of security to protect your business from a potential cyber attack.
“It hasn’t happened to me, so why do I need it?”
Almost 60% of businesses have experienced a cyber-attack and with so many vulnerabilities online, companies are investing heavily in cyber security and training employees, particularly regarding online scams and ransomware attacks.
The 2019 Official Annual Cybercrime Report (ACR) predicts that businesses will fall for ransomware attacks every 14 seconds.
So, we think the real question is, why would any business not need a cyber security strategy?
What are the main types of cyber attack?
- Malware/Ransomware.
- DDoS (distributed denial of service).
- Drive-by.
- Zero-day.
- MITM (man in the middle) attacks.
- Phishing campaigns.
- Virus infections.
What is Malware/Ransomware?
Malware is intrusive software that is designed to damage and destroy computers and computer systems. Its full name is malicious software & can be used in several different types of cyberattack, including phishing campaigns and ransomware & crypto mining attacks.
Ransomware is a form of malware, specifically designed to hold something to ransom. This may be sensitive data, or it may be access to a device or account e.g. a ransomware attacker may block access to an account on your computer, or it may block access to your computer entirely.
Why is Cyber security necessary for small businesses?
Small businesses are collectively subject to almost 10,000 cyber-attacks a day, according to new findings from the UK’s largest business group. Due to the high cost associated with a breach, 60% of these organisations go out of business within 6 months.
Without any kind of cyber security plan in place, small businesses risk their privacy, client trust, financial integrity, employee integrity, data integrity and the longevity of the business.
What should I provide to my staff to reduce internal threats?
The best way to be proactive and prevent cyber attacks before they can manifest into anything unmanageable is to educate your employees. By providing awareness training on a regular basis, this will embed cyber security culture into the workforce and minimise internal threats.
Many regulatory bodies are now pushing for businesses to educate their employees around cyber security including the Financial conduct Authority.
In a report published last month, the FCA urged businesses to tackle staff awareness training at all levels and to ensure the lessons are simple and appropriate to the environment that employees work in.