Whether you’re logging off for a couple of days or a few weeks, the countdown to Christmas is on. Unfortunately, cyber attacks increase by around 30% during the holiday season, when businesses are closed or operating with low staff levels. So, here’s what to consider to keep your business protected over the festive period:
Cyber threats to be aware of over Christmas
The most common cyber threats to your organisation this holiday season are phishing and ransomware.
Conducted via text message, email, phone, or social media, phishing accounts for 44% of cyber attacks in the UK, with 75% of large organisations and 45% of small businesses falling victim. Have you considered whether that Christmas e-card you received is suspicious or even threatening?
Cyber criminals may impersonate an employee and request specific action, with a tone that seems urgent or tries to manipulate the recipient in some way. It’s a type of social engineering that takes advantage of curiosity or uses fear tactics.
Another common threat is ransomware. This is where criminals exploit vulnerabilities such as weak passwords, unpatched systems, or insecure remote access. Statistics reflect a 30% increase in the number of ransomware attack attempts throughout the holiday season, compared to monthly averages.
Suffice it to say, incidents can cause significant disruption and have impacts spanning from financial to operational, as well as reputational or even legal. In figures:
- There were an estimated 2.39 million cyber attacks on UK businesses over the last 12 months — almost five incidents per minute
- 81% of incidents happen to small and medium sized businesses
- Over 500,000 new cyber threats are discovered daily
How to stay safe?
Cyber threats should not be taken lightly, and having a robust set of processes is key to safeguarding your business.
- Passwords
Make sure to consider what a strong password looks like, avoiding things that might be easy for a hacker to guess or figure out. Consider choosing a longer combination with a random mix of letters, numbers and symbols to enhance security. Then, to further reduce the risk of systems being compromised, user identity and access controls such as two- (or multi) step verification are recommended.
- Stay updated
Up to date software and IT equipment, paired with regular data back-ups are crucial to enhancing cyber security. It’s worth patching up software vulnerabilities, and reviewing firewalls and anti-virus software as a priority. Your team should also have a sound understanding of the various types of attacks and what ‘good’ mitigation looks like.
- Crisis response plan
That said, it’s not enough to simply take action to prevent an attack. You need to be prepared if cyber criminals successfully strike. What is your crisis response plan to ensure business continuity and mitigate the impact? Are your team prepared for the worst case scenario?
Looking to the future, cyber insurance should be a key consideration. For help with your insurance needs, please call 0121 803 3760 or email info@thebletchleygroup.com