Whether you’ve got ten resolutions for 2017 printed, laminated and on your wall, or all you’ve got so far is ‘make it through the first day back at work’ (you’re nearly there, congrats!), the one resolution you should be aiming for is to make sure you’re on top of cyber security for the year ahead. In today’s blog we’ve got a handy guide to surviving cyber security in 2017, complete with key trends, top tips and expert insights!
Get fit, be kinder, stop using vinegar like it’s water; people’s New Year’s resolutions are varied, but the whole rigmarole of making and breaking them can feel like it’s more hassle than it’s worth. Our CEO Lawrence Jones MBE is a big fan of goal setting, and it’s a great habit to get into, but if you want to ease in gently with just one then security is the one to go for.
2016 admittedly wasn’t a great year for celebs, and it was a rough one for cyber security as well. High-profile casualties ranged from Three, Tesco Bank and Ashley Madison to Snapchat, Yahoo, LinkedIn and loads more; and research has shown time and time again that SMEs are just as vulnerable, especially with attacks being potentially crippling to a growing business.
So, 2017 is the year to step up to cyber security; we can’t control which celeb will be next to leave this mortal coil but you can control how vulnerable your business is. Here’s our handy guide to surviving cyber security 2017.
First up, know what’s hot and what’s not. Key terms for the year ahead are starting to surface and there will be more on their way, so staying educated is a must. Watch the news, sign up for newsletters (our security bulletin goes out in the first week of every month and is jam-packed with updates, advice and what to look out for) and make sure you educate your team too.
The top five threats currently on the radar for 2017 are:
- Don’t get held to ransom – Ransomware – attackers breaking into systems, freezing them and then demanding money to release your data – was huge in 2016 and will likely become even more sophisticated in the year ahead. Oh good. Regularly back up your data to a separate location and beat attackers at their own game!
- Internet of Things that are trying to attack you – With the Internet of Things on the rise, so is the number of vulnerable devices. Make sure your snazzy new gadget isn’t going to turn on you and ask about security when you buy it.
- Don’t be in Denial – Distributed Denial of Service (DDoS) attacks are massive in both senses of the word, as they flood systems with huge amounts of info to knock them offline. Invest in DDoS protection to help guard against them.
- Bring your own security – Mobile working is on the rise for increasingly savvy workforces; if your team are out and about, make sure you have a strong Bring Your Own Device (BYOD) plan in place so that they’re not leaving company secrets in Starbucks.
- Going phishing – Phishing attacks – emails that pretend to be from a trusted source to get you to click on dodgy links – are also on the rise and increasingly hard to tell apart from legit emails. Before clicking on any link in an email double check where it’s coming from (sometimes weird email addresses give them away) and put the link into a link expander to check that the source is who it says it is.
How to stay safe
Hate to be the bearer of bad news this early in the year but, unfortunately, there is no fool-proof way of protecting yourself. The good news is there are lots of things you can do to reduce your risk, as well as the likelihood of getting fined for lackadaisical security, which is a bit of a double whammy if you do actually experience a breach. Here are our top five suggestions for staying safe in 2017:
- Know thy system – Surely you know what’s going on with your system, right? Well, maybe not. Attackers often lurk in systems for months undetected. Doing an initial vulnerability scan and penetration test – where ‘white hat’ hackers check your system for you – and then setting up continuous monitoring will alert you to any subtle changes in your system. It’s also important that sysadmins account for all devices they can find on their networks – don’t forget that test server you used for a few weeks and forgot about.
- Two factors are better than one – Two Factor Authentication (2FA) involves adding a second step to your account login process – such as having a code that’s sent to your phone that you put in alongside your password – and is a good way of adding an extra layer of security to your system. UKFast clients can enable 2FA in MyUKFast.
- Backup and running – Keep regular, clean backups of your system so that if the worst should happen you’re not crippled.
- Password Manager – Long, strong, unique passwords are vital for good security but can seem like a massive faff, so if you struggle to remember them all, employ a password manager to remember them for you!
- Education, education, education – Make sure your entire team from top to bottom is up to speed with security – attackers are increasingly finding ways to get to top-level execs through lower-level employees, and one weak link in the chain can bring the whole thing crumbling down.
Ask the experts
If you feel like this might be a bit overwhelming on the 3rd of January then there’s never been a better time to ask the experts; we’d recommend hiring a cyber security specialist or going to a trusted third party.
To sign off, here’s a handy video from cyber security experts at our recent round table sharing their top tips for the year ahead!