A chat with our cyber security expert
Today we sat down with Oscar, one of LAN Support’s IT technicians, also known as our very own cyber security expert! We asked a number of commonly asked security questions and found out about upcoming cyber crime trends.
Firstly, what is cyber security?
So, according to the National Cyber Security Centre, cyber security is:
“Cyber security’s core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access – both online and at work – from theft or damage.”
In other words, it’s a selection of tools and protocols that you can put in place that protect any devices that connect to the internet from cyber threats. These devices might be used as an attack vector as they often contain sensitive information and business data.
Why is cyber security important?
It’s important because without it, it’s only a matter of time until you become a victim, costing you money, downtime and damage to your business reputation. With the increase of remote working throughout the pandemic, the number of attacks has increased by 31%!
What is the first step in becoming cyber secure?
I think the first, and most important step to becoming cyber secure is to realise that you are a target. Lots of people are unaware they are in danger, and assume they aren’t big or important enough to be targeted.
In fact, often it’s the smaller companies that get hacked as they usually have less security protocols in place and limited security training.
What would you say are the best security measures you can put in place?
There are a few absolutely essential measures that every business should have in place at all times. These will at least give you a basic level of security that should protect against the most common IT risks.
- Always use strong passwords with a combination of numbers, symbols and upper and lower-case letters, no personal data (birthdays, pets, names etc), plus never use the same password for multiple accounts.
- Controlled access to data, services and applications – only those that are authorised should be able to access this information.
- Multi-factor authentication should be enabled on all accounts to give you an extra layer of security.
- Implement and get involved with cyber security training in the workplace to stay up to date with the latest threats.
- Make sure you have firewalls* set up.
- Keep your system and its applications updated regularly – updates will limit the risks of weaknesses in the system.
What are the biggest cyber security threats right now?
I’d say the biggest threat right now is phishing*. It’s everywhere! As well as phishing, ransomware* is becoming a huge problem and can be extremely damaging if the attack is successful.
I think this time of year always brings a number of new challenges, we have Christmas and Black Friday at the end of November. Businesses will be sending out huge numbers of emails trying to get people onto their websites, and advertising discounts etc. It’s really easy for hackers to disguise themselves as a well known company, all it takes it accidental click and you may have given them access to your system. Stay vigilant.
So, what can people do to protect themselves from phishing?
The only way to protect yourself is to get educated on what to look out for. No amount of security protection will stop phishing emails reaching your inbox, so it’s then up to you to remove them before anything happens.
What is the most common cyber security related question you get asked?
The most common question we receive is:
“Is this a spam email?”
We always recommend checking with your IT support provider if you see a suspicious looking email. It’s better to be safe than sorry.
Firewall – A firewall is a network security system that monitors and controls incoming and outgoing traffic based on the chosen security rules.
Phishing – A phishing attack is often used to steal user data including login credentials, bank details and more. The attacker disguises themselves as as a trusted source and tricks the victim into opening some kind of electronic communication (emails, texts or instant message).
Ransomware – A ransomware attack is when the hacker makes their way into your system, usually via spam emails, and locks you out of your system until you pay a ransom sum. The ransomware executes malicious coding onto your system, that can spread throughout applications, images, databases and networks. This means it can also effect other systems on the same networks. The sum of money is usually very large and they usually state that if it is not paid in 24 hours all of your data will be lost forever. If you pay the ransom, it is still not guaranteed that you will regain access to your system. The only way to combat this is to have regular data backups completed so even if your system is compromised, you will still have access to all of your data.