Cyber Threats in 2022… Managing The Risks To Your Business
July 26, 2022
We hope this guide will give you some practical tips and useful resources that can help you protect your business. Cyber threats evolve year after year, so it is vital you know what you’re up against.
What can you do about cyber threats – some practical guidance…
Due to recent viruses and hacking attempts against Ukrainian organisations, the National Cyber Security Centre (NCSC) has urged UK organisations to strengthen their online defences.
Any company might become a target, not only big corporations. In fact, 91 percent of the UK organisations surveyed reported at least one successful email-based attack in 2021.
Keep in mind that hackers don’t care about your own preferences. They have the ability to send bulk emails that contain links or attachments that, if clicked, could infect your computer or other device with a virus. The result might be data loss, security breaches, or even an interruption to your organisation if systems or networks are affected.
Plan Insurance can accommodate your Cyber Liability Insurance needs. Just fill in our short call back form, and our professional brokers will be in contact to arrange your policy.
7 practical steps to help protect yourself and your business
Learn to spot malicious emails… Don’t let an email-based attack make you a victim. Call the sender to verify the email if you’re unsure what to do; otherwise, consult your IT team.
Surf the web carefully… Hackers can create links that closely resemble legitimate ones, so hover your cursor over each link to make sure it leads where you expect before you click.
Update your computer when prompted… Updates for your gadgets and PCs should be installed immediately as they will keep you safe.
Check for the padlock icon… To the left of the website name in your browser, you should see this. Watch out for cautions like “Not Secure” in your web browser.
Store passwords in a secure service… Passwords shouldn’t be kept in spreadsheets or word documents.
Don’t reuse passwords… For each account, such as an email, a social network account, or a website, create a unique password. The same passwords will be tried by hackers on many accounts.
Validate unexpected calls or messages… Hackers may occasionally pose as someone you know and trust in order to deceive you into disclosing important information, such as passwords or company information.
How to spot malicious emails
Authority – The message can purport to be from someone in authority, such as a manager, another high-ranking official, or your bank. This is a ruse to get you to comply with instructions.
Urgency – The message can give you a short amount of time to answer, such as “within 24 hours” or “immediately”. Hackers frequently use fines or other threats to influence your decision-making.
Emotion – Determine whether the message incites fear, anxiety, hope, or curiosity in you. Hackers will attempt to elicit an emotional response from you.
Scarcity – Is the message urging you to act swiftly by promising something that is in short supply, such as money, or by warning that you could lose out on a great deal or opportunity?
Unexpected – The email could be unexpected or pretend to be from someone you know or trust, but it might not be in their typical format or subject. Remember this since one of your contacts’ mailboxes might be controlled by hackers.
Best practice for managing your IT
Verify that your continuity and recovery plans remain applicable in light of the current increased threat. For instance, check that backups are safe, reliable, and usable.
Examine the potential effects of your supply chain on your company and the data you possess; you might need your suppliers to improve their own cyber security.
Verify that the security tools and software used by your organisation are current and functioning as intended, such as antivirus, firewall, and intrusion detection software.
Reevaluate earlier risk management choices, such as accepting unpatched vulnerabilities, outdated software, or single-factor authentication (password only), to see if they still make sense in light of the increased cyber threat.
Consider increasing the frequency of the update and patching cycle.
Examine the security training provided to staff members, such as how to report malware, phishing attempts, or scams, and determine whether any updates are necessary.
Examine privileged or administrative access and eliminate any unauthorised access, such as unused or expired accounts.
Enroll in the Early Warning programme so that NCSC can notify you as soon as malicious activity involving your organisation is reported.