2. Know the security threats
“Protecting your environment to the best of your ability is never going to be one hundred percent,” says Stitt. “You use intrusion detection to see the things you might have missed.”
“Intrusion detection can be automated, so that it blocks certain traffic or tells the identity manager to block access. But not every issue can be resolved automatically, so checking and responding to intrusion detection information is really important. It will help you to correct whatever was wrong in the first instance, so if the attack were to happen again, it wouldn’t be successful. Closing the loop provides the greatest amount of integrity to your system, while protecting against repeat attacks.”
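The split Stitt describes, automating the clear-cut cases and keeping a human in the loop for the rest, can be made concrete with a small triage routine. The following is an added example, not code from the article or from Stitt: it reads constructed sshd-style log lines (the hostnames, usernames and addresses are made up), automatically proposes a block for sources that only ever fail, and raises a review item for any account that logged in successfully from a source that had already failed repeatedly, since that is the case automation cannot safely "resolve" and the one where the loop needs closing (verify with the user, reset the credential if it was guessed).

```python
import re
from collections import Counter

# Constructed sample auth log (syslog/sshd style); not taken from any real system.
SAMPLE_LOG = """\
Mar 10 09:01:02 gw sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 10 09:01:04 gw sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar 10 09:01:06 gw sshd[412]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar 10 09:01:08 gw sshd[413]: Failed password for root from 203.0.113.7 port 51025 ssh2
Mar 10 09:01:10 gw sshd[414]: Failed password for root from 203.0.113.7 port 51026 ssh2
Mar 10 09:03:30 gw sshd[420]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Mar 10 09:03:35 gw sshd[420]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Mar 10 09:03:36 gw sshd[420]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Mar 10 09:03:36 gw sshd[420]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Mar 10 09:03:36 gw sshd[420]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Mar 10 09:03:40 gw sshd[421]: Accepted password for alice from 198.51.100.9 port 40002 ssh2
Mar 10 09:05:00 gw sshd[430]: Accepted publickey for bob from 192.0.2.44 port 55000 ssh2
"""

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port")
ACCEPTED = re.compile(r"Accepted \w+ for (\S+) from (\S+) port")

# Remediation text attached to every review item (hypothetical wording).
REVIEW_ACTION = ("confirm the login with the user; if not recognised, reset the "
                 "credential, revoke sessions and enforce MFA for the account")


def triage(log_text, threshold=5):
    """Return (auto_blocks, review_items).

    auto_blocks:  source addresses with >= threshold failures and no successful
                  login; safe to hand to a firewall or identity manager automatically.
    review_items: accounts that logged in successfully from a source that had
                  already failed >= threshold times; a person must verify and fix these,
                  because blocking the address alone would not undo a guessed password.
    """
    failures = Counter()
    succeeded_from = set()
    review = {}
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            failures[m.group(2)] += 1
            continue
        m = ACCEPTED.search(line)
        if m:
            user, src = m.groups()
            succeeded_from.add(src)
            if failures[src] >= threshold:
                review.setdefault(user, set()).add(src)
    auto_blocks = sorted(src for src, n in failures.items()
                         if n >= threshold and src not in succeeded_from)
    review_items = [{"user": u, "sources": sorted(s), "action": REVIEW_ACTION}
                    for u, s in sorted(review.items())]
    return auto_blocks, review_items


if __name__ == "__main__":
    blocks, items = triage(SAMPLE_LOG)
    print("auto-block:", blocks)
    for item in items:
        print("review:", item["user"], "from", item["sources"], "->", item["action"])
```

On the sample log the only automatic action is blocking 203.0.113.7, which never succeeded; alice's login from 198.51.100.9 after five failures is deliberately not auto-blocked (it may be alice mistyping) but is queued for a human, whose follow-up is what stops the same attack working a second time.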
One of the main causes of security breaches is user behavior – the things you and your staff are doing on your individual devices. Often, people don’t realise they’re opening a phishing email or downloading from a dodgy site.
“Awareness training for staff in spotting good and bad content is a great idea for small and medium businesses,” recommends Stitt. “Send around a few emails as examples of the kinds of things they might come across. It’s quick and easy and effective at helping people identify something potentially dangerous. There are also phishing services that will send bogus emails to staff and alert them with some brief training if they click on something they shouldn’t.”
“There’s also been a rise in ‘spear phishing’ attacks, where staff who manage your organisation’s money are targeted. Criminals will pose as the Managing Director or Finance Director, for example, and email the Accounts team to request things like wire transfers. If successful, these attacks can be devastating for your business, and result in the loss of four-, five-, or even six-figure sums. Training those who handle your money is critical.”
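Training is the primary control Stitt recommends; a mail filter can add a second layer by holding the messages that match the pattern he describes before they reach the Accounts team. The example below is added here and is not code from the article or from Stitt. It assumes a made-up company domain, a list of executive display names that attackers would imitate, and three constructed messages; it scores each message on signals a defender can check without any external lookup: an executive's name arriving from an outside domain, a sender domain within a couple of characters of the company's own, a Reply-To that diverts replies elsewhere, and payment language in the text.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed organisation profile (assumption: domain and names are invented).
ORG_DOMAIN = "example.com"
EXECUTIVE_NAMES = {"jane doe", "sam lee"}   # lower-cased display names worth protecting
PAYMENT_TERMS = ("wire transfer", "bank details", "urgent payment",
                 "pay this invoice", "change of account")


def edit_distance(a, b):
    """Levenshtein distance; used to spot lookalike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess(raw_message):
    """Return (verdict, reasons) for one RFC 822 message string."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    reasons = []
    if name.strip().lower() in EXECUTIVE_NAMES and domain != ORG_DOMAIN:
        reasons.append("executive display name sent from a non-company domain")
    if domain != ORG_DOMAIN and 0 < edit_distance(domain, ORG_DOMAIN) <= 2:
        reasons.append("sender domain is a lookalike of the company domain")
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.rpartition("@")[2].lower() != domain:
        reasons.append("Reply-To domain differs from From domain")
    if any(term in text for term in PAYMENT_TERMS):
        reasons.append("requests a payment or a bank-detail change")
    score = len(reasons)
    verdict = "hold for verification" if score >= 2 else ("flag" if score == 1 else "pass")
    return verdict, reasons


# Constructed sample messages; none of these addresses or people are real.
MSG_IMPERSONATION = """\
From: "Jane Doe" <jane.doe@webmail-example.net>
To: accounts@example.com
Subject: Urgent

I am in a meeting and need you to arrange a wire transfer today. Send me the bank details you need.
"""

MSG_LOOKALIKE = """\
From: "Accounts Payable" <ap@examp1e.com>
Reply-To: ap-update@mail.example.org
To: accounts@example.com
Subject: Change of account

Please note our change of account for future invoices.
"""

MSG_LEGIT = """\
From: "Jane Doe" <jane.doe@example.com>
To: accounts@example.com
Subject: Board minutes

Attached are the minutes from Tuesday.
"""

if __name__ == "__main__":
    for label, raw in [("impersonation", MSG_IMPERSONATION),
                       ("lookalike", MSG_LOOKALIKE), ("legitimate", MSG_LEGIT)]:
        verdict, why = assess(raw)
        print(f"{label}: {verdict}", *why, sep="\n  ")
```

A held message is released only after the Accounts team confirms the request over a channel the attacker does not control, such as a phone call to the executive's known number; the filter narrows what staff have to judge, it does not replace the training Stitt calls critical.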