The holidays are upon us. Are you ready for all the traveling and gift exchanging?
Even if you are, we have news for you: Your business may not be as prepared as it should be. The reason: Cybercriminals are lurking everywhere, and they're constantly trying to steal data and finances when you least expect it.
By properly protecting your company, you can ensure you won't have to report any cases of fraud by the time New Years rolls around.
IT criminal activities increase around holidays
Cybercrimes are exponentially growing, especially around the holidays. Research from Kaspersky Lab, according to a release, showed a 9 percent increase in phishing pages that track down financial data in the fourth quarter of 2015 compared to the entire year's average. Similar jumps existed in 2014.
"In 2014, we conducted some research into how the phishing threat landscape behaves itself in the holiday period, and discovered that the number of IT attacks against particular targets – payment systems and famous retail networks – increased during the Black Friday and Cyber Monday period," said Andrey Kostin, senior web content analyst at Kaspersky Lab.
Kostin said IT attacks increased in 2015, and this makes him believe that more of the same will follow in 2016.
And while Black Friday and Cyber Monday have passed, that doesn't mean IT attacks will drop. Consumers are vulnerable during this time of year because they're consistently purchasing items online, and companies are threatened because they're increasingly exposed to cyberstrikes.
Consumers are aware of cybercriminals, but aren't changing their habits
Many consumers know they're vulnerable to being attacked, but few are changing their behaviors to protect themselves, reported a Ponemon Institute study commissioned by Trend Micro.
In a study of roughly 1,900 consumers in the U.S., Europe and Japan, only 20 percent said they are privacy centric (they'll change how they act if they feel their personal information could be compromised). That is actually down from 26 percent five years ago. Now, 61 percent are privacy sensitive which means they still understand and think it's important to keep safe, but won't adapt their behaviors to keep their personal information out of the hands of cybercriminals. This number is up from 56 percent five years ago.
These numbers should frighten consumers because most of them go online at work, according to Internet Retailer citing a Conlumino study.
Your employees' risky online actions can leave your company and investors exposed to IT criminals. The result could be lost or stolen data that damages your business' bottom line or your employees' wallets.
Unfortunately, many companies don't take IT security seriously even if they're well aware of how important it is. In a report by The Institute of Directors, researchers found that 91 percent of United Kingdom businesses believed cybersecurity was important, but fewer than 60 percent had the right protocols in place to ward off an IT attack.
Professor Richard Benham, the report's author, noted that cybercrime isn't something businesses should take lightly because it's one of the "biggest challenges of our generation."
"The spate of recent high-profile cyberattacks has spooked employers of all sizes and it is vital to turn this awareness into action," Benham said in a release. "Customers and partners expect the businesses they deal with to get it right."
How you can protect your business
Cybersecurity isn't just about updating your legacy components by purchasing and integrating advanced solutions into your business (although it is a big part of it). Along with upgrading your systems, here are several other simple-to-accomplish steps you can take to protect your business, employees and consumers.
1. Restrict administration access
Unless employees absolutely need to, there's no reason why they should have administrative access to critical company data.
You should set in place clear policies that restrict access to backend databases and desktops. By tightening security, you can ensure critical data doesn't accidently end up in the wrong hands, such as an inexperienced, unaware or angry employee.
2. Create a comprehensive IT security checklist …
… and hand this list to managers! Many non-IT supervisors don't know exactly what they need to do to keep their systems protected. And it's simply too difficult and time-consuming for IT teams to track every employee's whereabouts and online activities. But what employees can do is create a to-do list that will tell managers what they must accomplish.
A few items on that list could include:
- Update firewalls consistently.
- Keep employees up-to-date on the latest cybersecurity trends, especially as the holidays near.
- Advise customers on how they can keep their information protected.
- Instruct employees on how they can properly deal with cyberthreats, including how they should inform customers if data is stolen.
3. Have backups
It's critical that you backup all data incase it's stolen, whether it's on or offsite, and continue to monitor this data and the systems regularly. While this may take a bit more time and effort, it'll help your company save a lot of time and money if it's breached.
If your planning on storing backups offsite, make sure you do so with a reputable company that uses the most advanced cybsersecurity measures to keep your data protected, such as advanced software and IT protocols incase of an attack.
4. Instruct employees
Don't give the gift of joy (or anything else) to cybercriminals this holiday season. Make sure you take IT security seriously by putting in place a number of steps that will keep your company and employees protected.
If you're not sure how to do this, start by creating an action and prevention plan with your IT team and upper management. Then involve all of your employees by gaining their input. Ask them what makes them feel nervous about cyberbreaches and incorporate their feedback into your overall strategy.
The holiday season is stressful enough. Make sure your company is well protected from thieves by understanding the threats and knowing how best to deal with them.