Cyber security firm Sophos estimates that the average total cost of recovering from a ransomware attack has more than doubled over the past year, from just over $760,000 in 2020 to $1.85 million in 2021. The company also stated in its State of Ransomware report that only 8 percent of companies managed to recover all of their data after paying the ransom, and 29 per cent recovered no more than half. It is therefore very important that you take care of your cyber security. Here are 7 tips on how to do this.
1. Keep Your Passwords Secure & Beyond
Passwords are important and there is no denying that. However, in doing so, it is important to ensure that they are appropriately complex. According to Kaitlin Titus, account manager at eMazzanti Technologies, an IT consultancy based in Hoboken, New Jersey, companies should implement password complexity policies that require:
- uppercase
- lowercase letters
- digits;
- special characters;
- symbols that are at least 12 characters long.
Have employees create passwords that are unique and not used on other sites. “If one program is hacked and the password is stolen, it will be much easier for a hacker to get into other systems you use,” – Titus says. Consider using a password manager that generates unique passwords and stores them in one secure location (which, by the way, is not a piece of paper stuck to your workstation).
Security is not only important when looking after passwords, but also in the game development process. Here, it is important that the player can use all functions seamlessly without fear of any information leakage or other kind of trouble. This is especially important in the case of online slots offered by online casinos such as https://wanted-win.com/. You can find safe sizzling hot games from reliable manufacturers at the link provided. These are high-quality games that are popular with many players without the need to log in.
2. Use Multi-Component Authentication
This is a simple but effective concept – adding another layer of security beyond simply entering a password. Multi-component authentication requires users to add an additional token or code to access an app or device. “This may add a few seconds to the login process, but it will significantly reduce the possibility of illegal access to company systems,” – Titus says. Below is a comparison of the most widely used methods of multi-component authentication:
- Method Hardware OTP Standalone mobile applications OTP
- Soft token Software Development Kits (SDKs)
Hardware devices that generate one-time codes based on a cryptographic key stored on the device. In short: authentication apps. This is software that can be embedded in mobile applications and uses cryptographic operations to authenticate the user and the device.
Poor user experience, high maintenance and operating costs, Tokens are vulnerable to theft or social engineering attacks Poor user experience, lack of support for companies relying on third-party apps, potential for maliciously built apps.
Users must constantly switch between applications to authenticate identities/transactions, Lack of support for companies relying on third-party applications.
Multi-factor authentication (MFA) has become a staple of the mobile device industry over the past decade. If you’ve ever had to enter an authentication code, receive an SMS or scan a piece of hardware, you’ve interacted with an MFA-enabled system. While MFA is ubiquitous, it is far from perfect – whether you are a business or an end user. The aforementioned drawbacks, however, are unavoidable at this point, but the benefits of this method of security are far more important.
3. Beware Of Shared Inboxes
Christopher Gerg, vice president of cyber risk management at Tetra Defense, warns of new “wrinkles in the phishing world” – in addition to the typical phishing messages posing a problem with an Amazon order or a new Netflix account login. Shared email accounts for sales teams are easy to guess via web searches and harder to protect with security features such as multi-factor authentication, he says. “These shared inboxes, by their very nature, often receive unsolicited email, which increases the risk of accidentally releasing malware,” – Gerg says.
4. Keep Your Systems Up To Date
Make sure your company’s hardware and software is updated regularly to ensure all the latest security patches are installed. Be careful to allow employees to use their own laptops when working remotely, as personal devices are less likely to be updated than their company-issued counterparts, according to Nir Kshetri, a professor at the University of North Carolina-Greensboro and author of four books on cyber security.
Updating is also important for computer games. Casino games and online slots are particularly instances of this type of gaming, where players spend money to participate in the game. For this reason, it is important to rely on the services of manufacturers who are particularly concerned about safety when playing – an example is Book of Ra for free, where you can try out the features for free before playing for money. It is also worth taking care to choose a secure online casino.
5. Back Up Your Data – & Then Test The Backups
Today’s data protection systems, although sophisticated, are “meaningless if they are not accompanied by backups”, says Thilo Huellmann, chief technology officer at Levity.ai. Companies should back up their systems and data on a daily basis and maintain a clean copy of the data so that it can be easily restored in the event of a threat, he adds. Here are the backup methods worth using:
- USB memory stick;
- External hard drive;
- Apple Time Machine;
- Memory attached to a network;
- Cloud storage.
When choosing, remember to test your backups for recovery, says Bob Herman, co-founder and president of IT Tropolis, an IT services provider. “Many companies run backups but never test, only to find out after an actual incident that restoring critical data will fail,” he adds.
6. Train Your Employees Regularly
Don’t limit training to once a year. Enrol them in continuous, dynamic and interactive cyber security training to help them understand the latest security threats and keep security in mind. (On 23 June, ASI will host a webinar on dealing with an ongoing ransomware attack, led by Mike Pfeiffer, vice president of technology at Top 40 distributor American Solutions for Business (asi/120075). Register for the webinar here. )
7. Invest In Cyber Security
This could mean strengthening your existing IT team or hiring an external company to perform security audits. According to Kshetri, another option to consider is cyber insurance to protect against attacks. He adds that in the US, only about 19% of small and medium-sized companies have cyber insurance. However, as the growing number of ransomware attacks shows, it is not only large companies that are at risk.
