Quick Tip #4 Have clear policies and procedures in place
These days the world cannot function without internet and smartphones and businesses that do not have an online presence are almost impossible to find, especially in Australia. Consequently, when it comes to highest targeted countries for cyberthreats, Australia makes the top ten globally. The ‘Internet of Things’ (IOT) where all devices are connected through the internet, presents an opportunity to transform the way businesses operate and gives them the ability to compete at a global level. However, it is also important to be aware of cyber threats.
The Australian Cyber Security Centre (ACSC) 2017 Threat Report, stated that there was a 15 percent increase in cyber events since the year prior, most commonly through ransomware, as threats become more sophisticated. Cyber-attacks can impact the profits of small businesses due to financial loss, productivity loss, information loss, equipment loss, and reputational damage.
The fact is, it’s only a matter of time until your business is targeted, whether it be a computer or email virus, theft of hardware, attack from third parties or leaked information from employees.
A ransomware infection’s source is typically from a malicious link in an email. A ransomware attack blocks access to system files until the victim pays a ransom to the hackers. One in three businesses do not get access even if they pay the ransom, ultimately files are lost and sensitive information is stolen.
Why does this happen?
For those businesses at risk that I have come across, 100% had:
- Backed systems that did not back up any data
- Backed up the wrong data
- Had inadequate back up procedures (i.e. left the backup tape in the computer)
- Backed up data infrequently
- Backed up data in one place
- Did not update their computer to apply patches for known vulnerabilities
What can you do if you get attacked by Ransomware?
The only effective solution is to restore your data from a recent back up and not pay the ransom. However, it all hinges on the quality not only of your systems but also of your procedures. It’s important to take preventive action before an attack occurs.
To address ransomware, having a good back up strategy that works is a great insurance policy against hackers. This includes having security training awareness training and procedures such as email security, and backing-up in multiple or segmented areas, such as utilising cloud technology.
Furthermore, all Australian organisations who do suffer data breaches must make sure they comply with the new legislation