In Utah’s early days, bad men used bandanas to cover their faces and they used six-guns to rob people. Today’s bandits hide behind a computer and could be on the other side of the globe.
In our modern world, “there are parties that will act in deliberately hostile or antisocial ways—parties that would do us harm or separate us from our money or violate our privacy or steal our ideas,” explains the book At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues.
It is an issue that impacts large corporations, small businesses and even individuals. Here are some tips for building a defense against cyberattacks.
1. Create an organizational culture to support cybersecurity
There is no silver bullet to ensure total cybersecurity. Rather, it is a continuous process that requires support and awareness from every employee within an organization. Make cybersecurity education a priority in your business. Consider developing an information security policy that employees sign off on in their employee handbook and follow up on the policies with regularly scheduled cybersecurity training. For example, test your employees’ knowledge of how to identify a phishing email. Can you tell the difference between a legitimate website and a phishing attempt? Test yourself here.
2. Take an inventory and identify your most valuable assets
Every business, from small mom-and-pop shops to large corporations, has essential data it requires to function. No matter the size of your business, if you are collecting personal information of your customers you are obligated to protect it. In order to best defend yourself against cyber attacks, you first need to know what your critical assets are. What information could someone target that, if lost, would cripple your business? Once your inventory is complete, consider backing up essential data or properly discarding sensitive information that you no longer need. To guide your inventory process please see the GAP assessment available at the MEP Center website.
3. Understand the threats that exist
Cyber crime is continuously evolving and new innovative ways to undermine your business are constantly being created. Take some time to understand common cyber attacks so you can better anticipate likely scenarios. For example, cyber criminals will often target outdated systems and take advantage of vulnerabilities in your network that already have solutions or ‘patches’ available. Knowing this, you should install updates to your software as soon as they are available.
4. Implement basic controls
Simple solutions can have an incredible impact on your cybersecurity status. There are many quick, easy actions you can take this month that will dramatically decrease your vulnerability. Think to yourself, is a house with locked doors, closed windows, and a barking dog more likely to get robbed or it is the house with the door wide open that’s more at risk? Figuratively ‘locking the door’ can be a simple action that doesn’t take long, but can make you a much less likely victim. Here are a few tips to get you started:
- Check to see if a website starts with https, which signifies that the data you put on the website is encrypted. If a website doesn’t start with https, don’t give them confidential information.
- Set strong passwords, don't share your password with others, and don’t use the same password for multiple sites. Click here for guidance on setting strong passwords.
- Enable two-factor authentication on your bank accounts and other important logins.
- Lock your devices, like your phone and computer, when they are not in use.
- Disable Bluetooth whenever you are not actively using it.
- Never use a USB whose source you don't know, as it could have malware installed on it.
- Be careful when clicking on attachments or links in email. If it's unexpected or suspicious, don't click it.
- Backup your important data in case it is damaged, stolen, or held for ransom by cyber criminals. Make sure to test your backups regularly.
- Limit the amount of information you’re sharing on social media and set strict privacy settings.
- Be wary of public wifi and never do any shopping, banking, or sending of sensitive information from a device that isn’t yours or on a network that isn’t yours.
5. Take advantage of the resources available to you
Cybersecurity may feel ambiguous and intimidating at times, but there is a wealth of information and resources available to support you. Visit http://slchamber.com/cyber/. And be sure not the miss the Salt Lake Chamber’s Cybersecurity Leadership Council’s Cybersecurity Conference coming in March 2018.
To learn more about the Cybersecurity Leadership Council visit http://slchamber.com/cyber/