Response from Mihai Corbuleac, senior IT consultant, StratusPointIT
The impact on reputation, operations and financial resources from a successful cyberattack can be wide-ranging and, hence, devastating. From data loss to extensive downtime, your IT staff and senior management team carries the heavy weight of responsibility.
So, if you don’t have sufficient expertise in-house, try to outsource, because the cost to reputation alone, if sensitive data is compromised, will make that investment viable. Check what systems are connected to the internet and if they don’t have to be, disconnect them, in order to reduce your exposure to cyber-attacks.
Make sure you back up your data regularly, and ensure you can restore from backups fast. Once you verify that you can recover from an attack, then start implementing some of the protections that are necessary to keep your data safe. Last but not least, train all your staff, make sure they understand how easy it is to unwillingly upload malware.
Additionally, email service is still the most common delivery method for malware which means that the human component is still the weakest link in the security chain and that’s because they don’t know what to expect, what an attack looks like, etc.
Employees should be educated in regard to cybersecurity, and business executives should begin using training platforms for that. Also, ensure that all employees access their work email from secure devices, preferably not their personal devices, they don’t open unsolicited emails or download suspicious attachments.