By Ross Howard
After the recent WannaCry ransomware virus left organizations around the world in a state of turmoil, it became startlingly apparent that businesses need to be fully prepared for increasingly sophisticated hacking attempts.
At the end of 2015, IBM’s CEO predicted that cyber-crime could be “the greatest threat” faced by every industry worldwide, and the severity of recent outbreaks has reinforced that prediction.
Cyber-security is a critical concern for every organization, so staying informed about the latest threats is a must. In addition, it is vital to develop a comprehensive security strategy—not only to protect your business and its employees, but also to establish a system of emergency measures in case any sector of your organization should fall victim to an attack.
Five Steps Toward Better IT Security
Ultimately, there is no permanent cyber-security solution. Hackers will continue to refine and adapt their methods to find their way around each new defense as it is put in place. This means understanding how to continually improve your IT security is invaluable.
Fortunately, the key foundations of a strong security system are not difficult to implement. They include the following:
Stay on top of updates and patches. This is perhaps the most vital step: Many of the victims of WannaCry were accessible to the worm because they had not installed the latest security update for their system.
Educate your staff about IT security and provide company policy on security hygiene. This should include advice on storing passwords, connecting to WiFi networks and granting app permissions. You should also ensure that your employees are aware of the dangers of connecting unknown USB drives, and clicking on links in emails, even when the sender appears to be a known contact.
Make regular backups. Ideally, all of your data should be continually backed up to an offsite or hosted server. This is good practice as part of your business’ disaster recovery strategy, and it also means that you will still have access to your data if it gets corrupted or detained by hackers.
Test for weaknesses. Many organizations hire professional hackers to search for vulnerabilities in their security systems, so they can identify and resolve any possible exploits.
Dedicate part of your budget to cyber-security. Clearly, your IT security should not be an afterthought. A good security strategy will require maintenance and adaptation as time goes on, so it is important to have money allocated to ensure your safeguards are always fully funded and up to date. Another consideration is cyber-crime insurance, which can help to mitigate the cost of falling victim to a cyber-attack.
Know what to do in the event of a data security breach. Having a strategy in place for responding to attacks means you can confront and neutralize the issue as quickly as possible. Your plan should include details about individuals to notify, how to retrieve backups, and how to isolate infected computers, mobile devices and networks.