Cyber attacks are becoming more common than ever. The black market for Ransomware and Malware has become a billion dollar industry, and that is not going to change anytime soon. This is why it's so important to understand each person's role in your organization, and how you can work together to avoid a cyber attack.
What is a cyber attack?
Since 2002, the FBI has seen an 82 percent increase in the number of computer intrusion investigations (fbi.gov). This rise in investigations is due to the growing complexity and sheer amount of attacks that are happening on a daily basis.
Malware attacks, and specifically Ransomware, are harmful software programs that get inside your system and are able to cause damage to your network. This can be accomplished by deleting data, stealing important information, but most commonly your data is encrypted and frozen. The attackers will then demand a ransom be paid to get your data back.
Attacks are usually directed at financial and medical industries, but small businesses are also vulnerable. Attackers are all too happy to hit a small business with a quick attack for a 5 digit payout.
Even cities are not safe. In June 2019, the Riviera Beach City Council in Florida agreed to pay $600,000 in ransom to hackers who took over its computer system, disabling its email system and preventing 911 dispatchers from entering calls into a computer. That same week the Mayor of Lake City, Florida agreed to pay hackers $460,000 who had frozen city worker's out of the email system. (cbsnews.com)
Each department in an organization has a role to play. It is important that each person in your company knows what to watch out for, and how to avoid a cyber attack online.
The responsibility of making cyber security important starts at the top. CEOs and small business leaders need to make cyber security an important part of their businesses culture.
This means enforcing the tips we will include below, but also doing their part to surround themselves with people who mimic their values. The leaders of an organization are only as good as the people and tools at their disposal.
It is crucial that they are selective with their IT team. You need a team of smart tech people, but you also need people who are able to communicate the most complicated ideas in ways that everyone can understand.
The IT team is going to be the most well versed in what needs to happen to stay safe. However, it is very important that your IT team is aware of the goals of the organization beyond just cyber security.
For instance, they need to be caught up on what future goals are. Different infrastructure is needed as businesses pivot. IT always needs to be aware of the future goals of the company so that they can plan and build security accordingly.
They also need to be in charge of education and policies. It does IT no good to create a strong security infrastructure complete with 2FA , closed firewall ports, and secure VPN tunnels if no one in the organization uses them.
IT needs to be communicating the importance of the cyber side of what is going on and how it can affect everyone. It is smart to have IT do some kind of demonstration of training session in order to get everyone on the same page.
Sales, HR, and Office Workers
Most attacks are designed to attack people at this level. Cyber criminals don't go after the IT geniuses because they know the best way to get access is to trick someone who is not as tech savvy.
It is the role of this part of your organization to follow the security policies set up from IT.
Some of the best ways that people at this level can contribute to a safe security network include:
- Using 2FA
- Strong Password Security
- Keeping up to date on phishing techniques
- Being aware of was malware could look like.
- Feeing open to talk with IT when they don't understand something
- Learning what to beware of online
It may sound intuitive but so many malware attacks are done with social engineering. Websites are created to look like trusted sites, and emails can be stolen. There are countless ways that people are able to get into a network.
Staying on top of the changes and working as a team, between the office workers, the IT team, and the leaders at the top is the only way to hope for a safe security network.