Cyber Security During a RecessionReading Time: 4 minutes5th September 2022 | Modified: 19th December 2022
The news is full of it at the moment; a recession is just around the corner. ‘The recession we have been dreading is about to strike’, ‘it will be the longest and deepest recession since the 50’s’. Industry leaders will be rolling back budgets in anticipation, as revenues decrease. Costs must come down!
One of the first places that companies look to make reductions, is their IT budgets, particularly, the section-headed cyber security budget allocation. Why?
The problem with cyber security is that it can sometimes be seen as a luxury item! Especially when there are jobs and the company’s survival is at stake. CISOs can be hard-pressed to show a return on investment, as you’re budgeting for something that hasn’t happened, but that you’re anticipating your business will be hacked at some point. It’s a tough call.
‘Preparation is the best form of defence’
Recession and the economic strains that come with it are exactly the conditions that cyber criminals relish. That a company’s constituent parts get nervous. It’s a time when employees become stressed because they are concerned about their jobs, and the company’s survival. As cruel as it sounds, ever since hacking began, cyber criminals’ primary attack surface is the people who make up your company.
IT security threats are an issue for everyone in the company. But help is at hand, cyber security needn’t break the bank. Yes, every company is different. However, creating a company-wide attitude about the importance of ‘making sure the gates, doors and windows are all closed to your data and IT infrastructure, to anybody but the correct personnel that should have access to them, is simple enough. Vulnerability management training is a crucial component in protecting your business environment from cyber criminals.
Is your business prepared?
Every 39 seconds somewhere in the world, hackers are pulling off a successful cyber attack. 81% of all breaches happen to small and medium-sized businesses. Did you know that 97% of breaches could have been easily prevented with technological solutions that are readily available, today?
‘Identify weaknesses with a cyber risk assessment’
Vigilance about your IT security is paramount in today’s business environment. Get ahead of the situation with technical and procedural controls in place, with a cyber security risk assessment.
There are four key areas to look at when creating a cyber security roadmap.
1. Identify weaknesses with a cyber risk assessment – establish a baseline
2. Develop a strategy – go beyond the basics – security awareness & policies
3. Invest in security – minimize digital asset risk – secure your workforce
4. Protect your brand & reputation – by protecting & insuring your data
Endpoint Detection and Response
It is so important to close any existing vulnerabilities that might be contained within your IT infrastructure. It is critical to ensure that you protect and secure your email. Look at putting into place enhanced password policies, time-outs, and limited user access controls.
Train your users. Teach them about data security, and email attacks. Look at protecting your computers from malware viruses and cyber attacks, by replacing any outdated antivirus solutions that you may have. Install a critical update service, so you can protect your computers with the latest updates.
Consider using system hardening techniques – clean up and turn off all unused programs on your infrastructure. Are all your patches up to date? Check your operating system, firmware, databases, or any critical element that may look to compromise your business. The best practice these days, is to set up a complete security perimeter, to reduce your attack surface.
The dark web is a section of the internet that uses an anonymizing browser called Tor. It has become, in recent years, a rich source of threat intelligence, where cyber criminals sell information. Use an expert to scan the dark web, to see if you need to act now about stolen information about your business, posted for sale on it.
Backing up data is one of the safest ways to protect your company’s data security. So, back up local, back up in the cloud. Have an offline backup for each month of the year, and test them, test them often. A well-thought-through system hardening plan will, of course, include looking at your password policy, and if you don’t have it on your list, multifactor authentication should be on there.
There is a lot you can do to protect your business, and the information held within it so that it doesn’t end up on the dark web for sale. Protect your business IT from hackers breaking into your system. Remember, cyber criminals, don’t take days off, recession or no recession.
At CNC we have a number of Security Services that help our customers protect their business from cyber criminals. Please do not hesitate to contact us on 01273 384100 for further details or email firstname.lastname@example.org.