October is National Cyber Security Awareness Month, sponsored by the US Department of Homeland Security. This annual campaign raises awareness on the importance of cybersecurity.
In today’s online age, the number of threats to businesses and their customers increases every day. Almost daily, more information about cyber attacks makes its way into headlines. These attacks range from sensitive information such as credit cards stolen from companies to claims of movies being stolen from production companies such as Disney.
Small businesses are key targets
Yet, big business is not the only target. About 43 percent of cyber attacks target small business, and 60 percent of these small companies go out of business within six months of a cyber attack. So why is cybersecurity important?
“The increasing prevalence of cybersecurity attacks on both individuals and businesses emphasizes the need for IT security professionals who specialize in cybersecurity.” Attacks are categorized into three general categories:
- Cybersecurity attacks that target hardware and software, such as malware
- Financial crimes, such as online fraud and phishing schemes
- Abuse, also known as “sexploitation”
“The threat of data leakage via unmanaged devices is serious,’ says Eduard Meelhuysen, head of EMEA at Bitglass. ‘But having a culture of restricting staff access can actually make an organization more vulnerable, not less.” Companies are attacked due to employees misusing company systems far more regularly that one would expect.
Creating a safe environment
Creating a security culture within a company is all about training and awareness. Hackers constantly find new ways to access information, which is why constant awareness of threats is so important. Individuals face the same effect of cyber attacks and may receive less training on how to protect themselves from cyber attacks.
Cybersecurity procedures should be treated just as important as health and safety procedures have been.
For companies, training can consist of the following:
- Have a universal security policy
- Start with basics- learn the difference between each type of attack and how to avoid these situations
- Make training relevant – training needs to be specific to your organization
For individuals, the following measures will help keep personal data safe:
- Don’t give out personal information over the phone or via email unless you’re positively sure of whom you’re giving it to
- Keep your operating system, browser, and anti-virus software updated
- Create complex passwords that would be hard to guess
- Never click on links sent via email even if you’re sure they’re legitimate-the safest practice is to go to the company’s website
It’s important to be aware of the risks and threats you might face in cyberspace, but that you also take steps to protect yourself and your data.