Expert shares 12 tips as he warns firms face a threat from unprecedented threat from fraudsters
A LEADING tech expert has warned that the cost of living crisis risks creating a new wave of cyber attacks on business “unlike anything we’ve seen before”.
But Roy Shelton, the CEO of the Connectus Group, said there are many steps which companies can take right away to bolster their defences, which won’t cost a penny.
Mr Shelton, whose firm provides cyber and tech services to more than 800 UK businesses, said: “The cost of living crisis creates a whole new myriad of risks for businesses, at a time we are already seeing cyber hacks rising and becoming more sophisticated.
“Any sustained period of economic hardship represents an opportunity to fraudsters who will be looking to prey on vulnerable businesses.
“Many will create fake money-saving schemes while others will look to capitalise on the fact that some companies might look to save cash by reducing the amount of money they’d usually spend on cyber security.
“Although cutting back is tempting, the reality is many businesses could be damaged in such a way that means their business will be dead and buried by the time this cost of living crisis passes.”
Setting out the steps businesses can take Mr Shelton, whose business has just announced a roll-out to three new UK areas, said:
*Start by enforce dual factor authentication (dfa) this is a free of charge option on Microsoft 365, Apple and most mainstream applications
*Next make sure you also enforce regular password changes , via windows ensuring that new passwords are not a repeat of previously used passwords.
*Don’t use the same password across multiple systems – this is like red-meat to a cyber criminal-, they access one system, they are in to them all.
*Don’t use your date of birthday or pet / kids names , these are easily obtainable via social media platforms. Over and over again we see evidence of fraudsters trawling for this information.
*Don’t accept cookies – they sit in the background of your machine and capture details to allow better serving of ads. It can be tempting to “click OK” – but the cost down the line can be
*Don’t write your passwords down – you will lose the list or someone will eventually see it
*Other very low cost options include performing training and awareness to staff of phishing, social engineering and other common cyber threats
*Use Sharepoint / OneDrive rather than Dropbox or Wetransfer as it is more secure when transferring or sharing senstive information
*Get your iT provider to deliver a low cost 24×7 monitoring and scanning service across all your access devices Inc mobile phones and network
*Have your IT partner perform a vulnerability scan to expose any areas of weakness in your system and re run this and a penetration test on a regular basis.
*Remember a fraudster will always target the least point of resistance , this could be systems , people or processes so don’t think it is just systems that can be exploited.
*Appoint someone in your team as a cyber security champion and ask them to post weekly updates on threats and dangers to your team including adding cyber threats to your management or board meeting agenda..