The Most Popular Cybersecurity Issues: Five Tips to Protect Yourself and Your Business

In connection with the situation with the coronavirus and the rapid digitalization of business, unfortunately, a negative trend is also increasing - cybercrime. How to protect yourself?

Suddenly switching to remote operation is the best moment for cybercriminals, as the chances of successful phishing and system hacking increase. This is also evidenced by statistics: in March 2020, compared to 2019, the number of such crimes increased by 20.6%.

At the same time, the targets for which cybercriminals are focused have changed. So, in December 2019, the main focus of attacks were government agencies and various industries - 15.9% each of the total number of crimes. In third place are attacks aimed at personal data of individual individuals - 12.1%. However, today, as statistics show, the main target is precisely individuals - 18.9%, the industry is in second place (17.8%), and government institutions are in third place (11.2%). Therefore, the issue of protecting systems should be in an even greater field of vision today.

Considering the statistics from Specops, the results are disappointing. In 2019, Ukraine ranked 4th in Europe in the list of the most cyber-protected countries with an indicator (10.35% of affected computers). The Netherlands (17.64% of affected computers), Bulgaria (17.55%), and Belarus (10.83%) took the TOP-3 positions in the rating, respectively. Croatia closes the top ten with 4.55%. That is why, according to the companies of the IT Committee of the European Business Association, the issues of security verification are quite painful and lengthy when concluding agreements/contracts with foreign customers, especially given the lack of Ukraine's status as a GDPR-compliant country.

In addition to the obvious financial losses that cybercrime can lead to (according to Bromium, the cybercrime market is estimated at $ 1.5 trillion, as of the end of 2019) due to the sale of secrets, the conclusion of contracts using confidential information, and the sale of personal data, one should also remember about reputation ... Previously, due to personal data leaks, many companies (Uber, Facebook, Yahoo, etc. ), in addition to fines and investigations, suffered from the fall in the value of their shares. Also, we must not forget about the GDPR itself: the lack of recognition of a country/company" with the proper level of protection" significantly complicates work with European customers and requires additional certificates confirming the optimal state of cyber protection.

According to Huawei experts, the success of cyberattacks depends by 91% on human errors (opening dangerous links, successful phishing, downloading malicious files, etc. ) and only 9% on technical problems (weak system security, lack of special software, etc.) .d. ). Therefore, first of all, it is important to ensure the protection of every employee of your company so that the entire business is safe.

At the same time, personal protection is not only about installing antivirus software on your work laptop. According to AT&T, the accessories through which cybercrime is most frequently carried out are PCs (70% of crime success rates), smartphones (61%), tablets (53%), WiFi hotspots (50%). Therefore, for an adequate level of protection, all measures must be comprehensive in order to fully mitigate possible risks.

How You Can Protect Employees and Companies

Consulting and providing the necessary information.

Informed = armed. Most of the successful cybercrimes are committed precisely from carelessness, ignorance, and disregard of the general rules of cyber hygiene by employees. Therefore, it is worth conducting a professional master class, talking about threats, phishing, the dangers of unverified links, and the like. Remember, the security of your business depends on the awareness of each employee.

Passwords.

One of the easiest ways to get into the system is because of weak and weak passwords. In 2018, the most popular password was “password” and its more complex and more modified version “ password123”. Of course, it is much easier to use a simple password than to remember and constantly enter something complex. However, when it comes to security, it is still worth considering. You should not use your biographical data or close people in passwords, such as birthday, first / last name, car number, etc.  - such ciphers are broken in 15 minutes. The password should be illogical, long, complex, with a maximum variety of characters (large/small letters, numbers, punctuation marks). Password management services like LastPass can help.

Multi-factor authentication.

When entering the system - verify your identity using an additional method (in addition to the password, enter the dynamic PIN code sent to your e-mail or mobile, etc. ). Multi-factor authentication can significantly reduce the likelihood of identity theft on the Internet, since knowing the victim's password is not enough to commit fraud, you need to have different devices and more advanced personal information.

Data encryption.

For businesses that work with customers and store a lot of their personal information - such a must-have a fuse. algorithmic (cryptographic) data transformation changes the data into a cipher, which is rather difficult to bring to a "readable" format without a special secret key. Now there are a lot of such programs: TrueCrypt, VeraCrypt, AxCrypt, and the like.

Constant updating of systems.

All licensed programs are constantly updating their software. And although the procedure “ Windows Update ”, which is familiar to many, is often annoying and appears at the most inopportune moment, you should not neglect it. Hundreds of thousands of new types of viruses / Trojans are created every year to bypass the protection of existing systems. That is why programs carry out scheduled updates, expanding the virus base of their application, thereby strengthening the "immunity" of your PC.

Therefore, given the current situation, you should be extremely careful about your company's cybersecurity status. So, you should adhere to these recommendations, because the protection of the entire large-scale mechanism (business) depends on the security of each individual element. Moreover, about 93% of malicious programs get to the computer precisely through e-mail and human negligence.

In a global context, we, as a country, should think about future prospects: after all, digital is a new global trend, and an appropriate level of security is a necessary step that will help to implement it, protect the business, and simplify doing business with the EU. Therefore, we hope this year Ukraine will receive a ready-made document on the protection of personal data, which is based on the European Regulation.