Cyber Security Planning

Evaluate what you have in place and what you need to know

What is cyber security and why do I need it?

For your business to thrive one of the things it needs is a cyber security plan that’ll protect your computer network and data. Your plan can be simple as long as it’s solid. But what should it involve and what do you need to think about?

Cyber security basics

Cyber security involves protecting your applications, your information and your computer systems, making sure you have a recovery plan in place, and educating your team on how to use the security software.

  1. Back up to a secure location every day, preferably off-site and online, so that you’ll have access to an unaffected copy of your data wherever you are.
  2. Install updates to your apps and software as soon as they’re available to eliminate weaknesses that app and software developers pick up.
  3. Encourage a culture of safe browsing by setting rules for email, Internet and memory card use, and make sure everyone uses strong passwords.
  4. Protect your systems from malware by installing antivirus and firewall software, and enabling port filtering on your router.
  5. Put a recovery plan in place so that your business will never need to stop while you sort out a disruption.

Common misconceptions


  1. “Small to mid-sized businesses aren’t usually targeted by hackers.” All users connected to the Internet are at risk.
  2. “Cyber security threats only come from outside the business.” Internal threats are equally possible and more difficult to detect.
  3. “Cyber security only involves the IT department.” All employees play a role in cyber security.
  4. “When using a wifi password, your devices are secure.” While working in public places you need a VPN to be more secure.
  5. “It’s easy to tell if your computer’s been hacked.” Modern-day malware can lie undetected while it carries out its malicious work.
  6. “Only high-profile companies are at risk of cyber crime.” Any business that holds personal information is of interest to cyber criminals.

IT security vs. cyber security

IT security and cyber security are similar in that they both protect data from breach and loss, but they aren’t exactly the same. IT security is broader than cyber security. It refers to the way a business protects all its information (electronic and on paper) and information systems, while cyber security refers to how a business protects its electronic information from criminals operating via the Internet. Cyber security is just one aspect of IT security.

Anti-virus vs. endpoint protection

Antivirus software looks for malicious programmes such as viruses and trojans, and prevents them from entering each individual device that it’s installed on.

Endpoint protection is more of a strategy whereby security software is distributed to all your endpoint devices from a central server. While antivirus software is useful to an extent, it doesn’t do a complete protection job so ideally you should use it together with endpoint protection.

Protecting yourself well enough

A common question among small and mid-sized business owners is: if I back up remotely every day and keep my apps and software up to date, will that give me enough protection? If you’re covered in terms of the cyber security basics, 99% of your security should be assured.

If you’ve got the cyber security basics in place and want to test your level of protection, put your cyber security infrastructure to the test with our malware audit.

Preparing a cyber security plan

A cyber security strategy is a plan of actions designed to improve the security and resilience of a business. You may devise these yourself, or take on the services of a dedicated cyber security provider.

  1. Write down what the cyber threats to your business are, and decide which cyber risks are acceptable and which you need to invest in.
  2. Know that you may not be prepared for some cyber attacks and that you need a disaster recovery plan in place so that your business ops continue while your IT people sort out the disruption.
  3. Make absolutely sure that you update your cyber security measures as soon as updates are available.

If you opt for a cyber security provider, check that it has an excellent track record and allows you to take a free trial so you can test it before committing to it.

Types of common cyber attacks

Denial-of-service (DoS) attack

A hacker overwhelms a computer or a network with traffic to such an extent that it can’t operate and continue. This can mean a flooded inbox or server making it inaccessible to the intended user and therefore causing a system disruption.

Man-in-the-middle (MitM) attack

A hacker inserts themselves between two places such as a wifi network and a victim’s machine. This can mean info is stolen or malicious software is installed to carry out a malware attack.

Phishing attack

A user is tricked into thinking an email is from a reputable source, when it’s actually fraudulent communication. It can steal sensitive personal information such as credit card numbers and login details on the victim’s machine.

Drive-by download attack

A hacker slips malicious code into apps, operating systems or web browsers that haven’t been updated and therefore contain vulnerabilities. Don’t keep apps that you hardly use or update as those ones are the risky ones.

Wifi eavesdropping attack

When a user is connected to a public wifi network, hackers can intercept communication and steal usernames, passwords and other unencrypted confidential information sent. You can avoid this by using a VPN.

Formjacking attack

A hacker loads malicious code onto an e-commerce site and steals customers’ credit card details from the checkout pages. Small to mid-sized retailers are the biggest targets though Ticketmaster and British Airways were also compromised this way.

Malware attack

A user activates malicious software (virus, spyware, ransomware) that has been installed via a link or an email attachment click. It can block access to the network, steal information by transmitting it from the hard-drive and disrupt a victim’s machine.

Password attack

A hacker tries to guess a password by repeatedly trying different passwords to gain entry. This doesn’t work when a lockout policy protects the account and it locks after three incorrect password entries.

Zero-day attack

A hacker hears about a network, app or system insecurity and exploits it before a patch or update has been issued. This is an opportunistic attack and can only be avoided if users have advanced cyber security in place.

SQL injection attack

A hacker embeds malicious code (structured query language) into a poorly designed application and is then able to gain access to resources or alter data.

Brute force attack

A hacker uses trial-and-error to guess a username or password, trying repeatedly with various combinations until eventually gaining access. This is an old attack method that’s surprisingly effective and still popular with hackers.

Cross-site scripting (XSS) attack

A hacker injects malicious code into a trusted app or website. The code triggers when a victim visits the app or page. Most common in forums, message boards and web pages that allow comments. Can also be used to deface a website.

The importance of employee training

It’s important for your whole team to learn best practices for cyber security so that everyone takes responsibility for protecting the business.

  1. Explain why having secure data protects your business.
  2. When giving examples of cyber security best practices, use analogies that each department can relate to.
  3. Tailor your training by department so staff see how cyber security will enable their particular jobs.
  4. Give attention to cyber security progress so staff will keep focused and remain aware.
  5. Emphasise the basic aspects of detecting suspicious activity.
  6. Use consistent communication processes so that unfamiliar messages stand out.
  7. Explain the negative impact of poor security.
  8. Encourage double checking of URLs and email addresses.
  9. Simulate a cyber attack to test your recovery systems.
  10. Develop common sense in relation to cyber security.

Closing the holes

Every unprotected device that connects to the Internet is vulnerable to cyber attack. When these endpoints are connected via a computer network, the network itself is also vulnerable, so it’s best to secure both.

You can do this by installing firewall software and antivirus software, and by enabling port filtering on your router.


Opportunities in cyber security

Opportunities in cyber security vary from consulting and managing to analysing and engineering. If you’re thinking of a career in cyber security, then doing a degree in computer science, computer engineering or information science and technology AND getting industry certification will put you in line for a variety of jobs including cyber security consultant, cyber security engineer, cyber security manager, cyber security specialist, cyber security operations analyst, business development manager and others in risk management and data analysis.

Industry certification:
IT Academy offers IT security certification courses such as CEH (Certified Ethical Hacker) or CISSP (Certified Information Systems Security Professional).

Udemy offers a complete cyber security course, with a beginners’ course called Hackers Exposed and modules in network security and anonymous browsing.

Panda Security also offers certification courses in their cyber security products.

Why not try IronTree's cyber security solution free for 30 days?