Since we live in a day and age where everything is almost digital and done with the use of gadgets and other tech stuff, it is inevitable for you to go online as well and conduct whatever your business is there. It is not as if you don’t like surfing the web on your own. The Internet has opened up a world of possibilities that remain to be a game-changer and continues to transform the world that we know and we enjoy every minute of our stay there. However, the online world is also full of dangers now lurking in the virtual form. It does not discriminate, whether you are a public or private entity, big or small, everyone is at risk and can easily fall prey to these online predators.
For years now, individuals, businesses, organizations, and governments have been victimized by online criminals and not only stole data and money but even identity and crippled major computer systems that affected thousands if not millions of people around the world. Despite the lingering threat of phishing, ransomware, and cybercriminals in general, there are actually ways to protect yourself from them and whatever mischief they have in mind and many people are raising awareness about this cause knowing how disastrous it is to fall prey to these vicious attackers that frequent the deepest and darkest corners of the web.
The National Institute of Standards and Technology (NIST) has been dedicating a lot of time and effort to help organizations improve their cybersecurity. We’ve looked at NIST’s Cybersecurity Framework, we’ve talked about how to build it right and the importance of long term resilience. In this article, we’d like to dispel the erroneous idea that NIST’s guidelines are just for large organizations.
Cybercrime is a great threat, regardless of the size of your business, but there are compelling reasons that smaller businesses need to be sitting up, paying attention and, most importantly, taking action.
Smaller groups and organizations are more likely to get victimized by these cons because their defenses are not up to par with that of big companies and corporations, hence can be broken by these virtual culprits without a sweat at all. And when it happens, there is a big chance they won’t be able to recover at all especially for those businesses just around the corner. Fortunately, there are institutions that are taking up their A-game in helping combat cyber criminals and equipping organizations with better cybersecurity measures to fend off these nasty yet anonymous criminals.
Organizations will not be able to do security basics well unless they embrace the process. At the Cambridge Cyber Summit, Mark van Zadelhoff, general manager of IBM Security, said he sees a “cultural shift to treat [security] like programs around safety—a Six Sigma approach to security hygiene.” He believes such an approach will better enable organizations to cope with the rising sophistication of hackers.
Know what hackers will value
“People don’t realize where value lies in their companies,” said Jeffrey Tricoli, section chief, Cyber Division, Federal Bureau of Investigation (FBI), at the InfoSecurity North America event. “Hackers’ valuations [of your assets] are better.”
For example, a company may have strong protections around customer data, but not around the communication channels with those customers. Those channels could become a means to access customer systems and assets. If you know what attackers are likely to go after, you know where to focus your security efforts.
Simple precautions like the careful use of passwords can save you from a great deal of a headache that a possible breach may bring. Password reusing is highly discouraged especially in a bigger business that employs quite a number of people or organizations run by different individuals especially if the same password is used in a separate site that you also manage which can be a double whammy on your part. And since we have already seen a number of ransomware attacks happen this year, we can only expert for more and more efficient malware to target unsuspecting individuals since these culprits now enjoy the money they got from previous exploits. The use of antivirus software also comes in handy and make sure everyone is well-trained on the topic of cybersecurity because opening that one suspiciously-looking email can cost you your business and your life.