With October being Cyber Security Awareness month, we wondered how security aware you and your team really are.
What is Cyber Security Awareness and why is it so important?

Cyber security awareness is about your awareness of the cyber threats that your technology environment may be at risk of.

Being aware of the risks and following best practice security techniques will help to minimise the threat to your technology, your data and privacy breaches, your client experience and ultimately, your business.

Sadly, too often cyber criminals target small business as the easiest way to steal data, shut down operations and demand ransoms to regain access to company stored data.

No longer can SME’s take on the mindset that “It’ll never happen to me, I’m too small and insignificant for a hacker to target my business”. This is not the case and SMEs are one of the highest targets of cyber-attacks today.

Many cyber-attacks are socially engineered and come in the form of scam emails. Scam emails trick you and your team into clicking a link and inputting passwords or other details that allow a criminal easy access to your systems. The damage may not be apparent immediately and could take months before it becomes obvious that your technology environment has been compromised.

Unfortunately, during times of lockdown when many of us have been working from home, security may not be at the forefront of our mind.

Statistics have shown that all over the world people have become lax with cyber security. Weak passwords and the same password across multiple platforms and not being as vigilant with socially engineered scam email detection.

How aware is your team and can they spot a scam email?

• 43% of users do not realise that clicking on a suspicious link and opening an unknown attachment will lead to malware infections.
• 59% of people are not confident they would be able to identify a social engineering attack.
• 39% believe it is reasonable to reply to a social engineering attack and requesting clarification or further information from the hacker.
• 43% of all data breeches reported in Australia are the result of a cyber attack.
  

  The big question is how can we minimise the risks associated with cyber-attacks?

• Ensure you have Multi-factor Authentication (MFA) – it makes it harder to for hackers to access your systems and adds another layer of security
• Security Awareness Training – train your team in how to spot a scam. End users are the weakest link when it comes to cyber-attacks
• Virus protection and keeping it up to date. Make sure updates are done and your virus protection hasn’t expired
• Strong passwords changed regularly. Use longer passwords and include a mixture of alphanumeric characters and symbols.
• Don’t duplicate your passwords across various platforms and make sure you change them regularly.

Some suggestions for how to make your password strong from support.google.com are:

• Try and use:
  • A lyric from a song or poem.
  • A meaningful quote from a movie or speech.
  • A passage from a book.
  • A series of words that are meaningful to you.
  • An abbreviation. Make a password from the first letter of each word in a sentence.
• Avoid choosing passwords that could be guessed by:
  • People who know you.
  • People looking at easily accessible info (like your social media profile).

These are the simplest ways that you can begin the journey to lowering your risk. There are many other ways to secure your technology environment and that is where SMIKTECK can step in and help you strengthen your security.

At SMIKTECK we are focused on the security of all our clients’ networks. We implement solutions and deliver on the mitigation strategies of the Australian Cyber Security Centre (ACSC)’s Essential Eight, ensuring security is at the forefront of all business protocol.

Don’t take the risk of doing nothing. Learn more about our technology risk audits at smikteck.com.au.