Now in its 20th year, Cyber Security Awareness Month aims to raise awareness of maintaining good cyber security standards for both individuals and businesses.
While cyber security usually only makes the news as a result of huge data breach or leak such as the recent Greater Manchester Police data hack, Government figures show almost one in three businesses reported some kind of breach or attack in the 12 months leading up to April 2023.
With such high numbers of businesses still at risk, ADNS can help protect your business against cyber attacks, while keeping your data and systems safe as we head into Cyber Security Awareness Month.
What are the most common Cyber Attacks?
Phishing attacks and malware are among the most common methods used. Luckily however, they are relatively simple to protect against. Medium and large businesses are targeted more than others, with the report from the Department for Science, Innovation and Technology showing 59% and 69% respectively having logged an attack over the same time frame.
What is surprising, is that good password management and protection seems to be on the decline. In the two years from 2021 - 2023, businesses' use of password policies dropped by 9%, while the restricting of administration rights for accounts fell 8%.
Hackers can try to gain access to accounts by hacking passwords through a number of nefarious tactics. From sophisticated software to simply standing over your shoulder, the weaker a password is the easier it is for them. To avoid being a hackers next victim and protect against cyber attacks, ADNS have some simple rules to follow:
Choose a password that is at least 16 characters, using a mixture of uppercase and lowercase letters, numbers and symbols, avoiding common keyboard paths such as qwerty, or number strings like 123456.
Change passwords on a regular basis.
Set up two factor authentication on accounts so if a password is compromised, they will not be able to access your account without your physical device. Think of it as something you know and something you have.
How to avoid phishing attacks
Fail to prepare, prepare to fail so goes the old saying. By recognising the threat that exists, businesses can actively prevent cyber attacks. The same Government report that showed bad password management was on the rise, also worryingly indicated a reduction in the use of network firewalls (down 12%). It’s not all bad news though, as the number of companies undertaking cyber risk assessments overall is up 2%.
What is lacking however, is businesses considering possible threats from trusted third parties, often in the guise of an email from the ‘supplier’. A malicious link is clicked, resulting in a breach in security. It’s an easy mistake to make, with phishing emails being involved in around 90% of modern breaches.
Luckily it's also an easy mistake to avoid with a phishing policy and proper end user training. In general though:
Never click a link you are unsure of, no matter who the email appears to be from.
If an email contains a link, hover over it without clicking it and see the destination’s URL in the lower left corner of your screen. If it looks suspicious
Phishing emails often contain spelling or grammatical errors both in the copy or in the email address itself, such as ‘1’ in place of an ‘l’. Always sense check a sender's email address if unsure.
What is Cyber Essentials Certification?
Launched in June 2014, Cyber Essentials is an industry supported, government backed scheme which helps businesses protect against potential cyber attacks.
While it’s always a good idea to have a better view on any potential cyber security weaknesses, some government contracts require businesses to sign up and gain Cyber Essentials certification to tender for the contract.
The scheme offers two levels of certification, Essentials and Essentials Plus. While Essentials will show you how to prevent the most common attacks, Essentials Plus takes a more hands on approach with a technical verification. ADNS is on hand to provide your business with the correct tools to achieve Cyber Essentials certification.
Cyber Security isn’t just for October. Keep your data safe and stay one step ahead of the next cyber risk. To find out more on cyber security in your business or to get Cyber Essentials certified, get in touch with ADNS today.