The increase in cyber-attacks has been increasing year after year. Around 90% of the crime these days is done online. According to NCSC more that 2.7 million scams were removed from the internet in 2021.

Since Covid-19 there has been an increase in online cyber-attacks, causing businesses to generally be a little more alert. However, there are still scams getting through, with a little bit of social engineering they are catching people offguard and stealing money.

See our tips below on making your business a little safer from possible cybersecurity attacks.

The biggest weakness in any business is its staff, I have said this since the beginning of our Cybersecurity journey and its importance has not wavered.

Everyone even us at Hamilton Group has the potential of clicking on a link they shouldn’t or going to a website that looks genuine but isn’t quite right. Sometimes you have to look really closely to spot the issue. Especially with phishing scams and that is where training such as Phishing simulation threats are sent to users designed to test their likelihood to click.

If the worst should happen and a user falls for a phishing scam designed to acquire their login details, which is often done by asking the user to login to a fake webpage that usually looks fairly genuine but they are often just capturing your information.

Should your login credentials be somehow leaked onto the internet or stolen by a hacker then they can use the details to access your IT networks and potential send spam within your network to your customers and suppliers.

They may even use that information to extract money from your business, your customers or even your vendors/suppliers. However, if you have Multi-Factor Authentication in the chances would be greatly diminished.

All user accounts should be set to standard and not an administrator account, in fact, Cyber Essentials recommends it and it is a requirement to pass certification.

If you become a victim of a cyber-attack then if the user account is set to standard this would limit any possible damage. Imagine if it was a hacker gaining access to a user’s system, that user is a local administrator, this would have the capacity to carry out a Ransomware attack and encrypt all the files and literally hold a business hostage.

Please note, we strongly recommend you review the access your staff have within your organisation and also I recommend you limit access to files if those staffs have no requirement to access them.

Building your cybersecurity strategy has to include patch management. Patching can be an update to software or the operating system itself.

A patch can be a fix to a software exploit or amending features and keeping your software up-to-date can be essential.

Our goal is essentially to patch every 7-14 days. Cyber Essentials does recommend patching every 14 days.

Encrypting your data is seriously important. If you lose your device or it is stolen, then the person who finds it will be unable to decrypt your device, which would safe guard you against data loss.

This would also forfil one of the cybersecurity goals, that will be built into your Cyber Security plan.

With encryption you’re less likely to risk the organisation getting a fine as if the device is lost the encryptuon will prevent data loss.

Backing up your data is a standard IT practice, however, did you know there are still loads of organisations that either don’t backup or backup to a device attached to their computer?

Having a backup will safeguard you against a cyber-attack, but only if your backup is secure and you ensure that the security is adequate and that there won’t be a possible breach or carrying on a potential infection.

The backup itself should be encrypted, this will make sure only you or your business can unencrypt it. A backup should always be a multi-site backup.

The approach Hamilton Group likes to take would be to keep a backup on-site and then another through a cloud backup solution.

You would then need to test to ensure that the backups work, this would help reassure clients and ensure that should an emergency happen you can quickly recover.

You should always add multi-layer protection in your business, which will make it harder for a cyber-attack to take place.