10 Ways to Prevent Cyber Attacks

It’s hard to pick up a newspaper or log on to a news site and not read about a new cyber attack. High-profile cyber attacks on large enterprises, healthcare organizations, and municipalities continue to raise the public’s awareness of the growing threat of cybercrime.

The cyberattacks below illustrate the enormity of the problem:

• Norsk Hydro experienced $71 million in damages after a LockerGoga ransomware encrypted files, computers, and servers throughout the company
• The City of Baltimore was shut down for weeks and suffered $18 million in damages from an aggressive ransomware called RobbinHood that impacted many of their critical systems
• American Medical Collection Agency experienced a data breach that compromised 25 million patients' PII and forced AMCA to file for bankruptcy protection
• Target was forced to pay an $18.5 million settlement after hackers compromised 41 million credit and debit card accounts impacting 60 million customers

But it is not only large companies and municipalities that are being targeted. Recent surveys such as Verizon’s 2018 Data Breach Investigations Report and the Ponemon Institute's 2018 State of Cybersecurity in Small & Medium-Sized Businesses Report indicate that cyberattacks on small businesses have been steadily increasing.

Statistics from these reports are alarming. Most small businesses in the U.S. lack formal security policies for employees and many lack even rudimentary cybersecurity measures.

Small Does Not Equal Safe

Perhaps because massive attacks on large enterprises make for better headlines, 85% of small business owners falsely believe that their company is safe from hackers. There was a period of time when small businesses were not a frequent target of cybercrime. But then large enterprises began to invest heavily in cybersecurity making the little guys an easier and more lucrative target. It became easier to harvest smaller rewards from a large number of small organizations than bigger rewards from larger organizations with better locks. At the end of the day, a dollar from a small business is worth the same as a dollar from a large business.

Untargeted Attacks Could Destroy Your Business

A statistic cited in congressional testimony says that 60% of small and medium businesses often go out of business within 6 months of a cyber attack. It is important that organizations of all sizes put measures in place to monitor their networks for suspicious activity because untargeted attacks are on the rise.

Targeted Attacks and Supply Chain Interference

Cybercriminals have also begun to focus on small to medium businesses, typically vendors or suppliers to larger organizations, as a gateway into larger organizations because their cyber defenses are typically much weaker than those of more sophisticated enterprises. This concern, referred to as Third-Party Risk, is a growing concern for organizations of all sizes. The Department of Defense is so concerned with this tactic that it will start requiring contractors who provide products and services for the defense supply chain to comply with the Cybersecurity Maturity Model Certification (CMMC) process in 2020.

10 Ways to Prevent Cyber Attacks

There are simple, inexpensive measures that you can take to reduce the risk of a costly cyber attack:

1. Train employees in basic cybersecurity principles
2. Require all employees to regularly change passwords
3. Control physical access to your computers and network components
4. Limit employee access to data
5. Limit employee authorization to install software
6. Backup and safeguard all important business data and information
7. Install and update firewalls and antivirus protection on every computer used in your business
8. Install software updates for your operating systems and applications as soon as they become available
9. Secure your Wi-Fi networks
10. Require individual user accounts for each employee so you can track who does what