While the expansion of remote working is continuing due to the COVID-19 pandemic, to keep the companies safe is getting more difficult because of diversified cyberattacks. Estonia is one of the countries that faces such attacks. Therefore, the Estonian Information System Authority (RIA) has published four recommendations for managers of businesses for the prevention of cyberattacks.
To pay attention to cyber hygiene
One of the four recommendations is to pay attention to your own and your colleagues’ cyber hygiene. The whole company and its employees may suffer as a result of the negligent attitude of a single person so companies must pay attention to the personal cyber hygiene of their employees to prevent financial or reputation damage as a result of a cyber-attack. “The cybersecurity of a business depends on each individual employee. On whether they carefully check the sender’s name and address in each e-mail, apply multi-step authentication in e-mail accounts, take care of updating their passwords and the software on their computers,” Joosep Sander Juhanson, information security expert at RIA said.
To know what hardware and software your company is using
The day-to-day work of a business is mostly done using computers. Businesses use a wide variety of software in their work, starting with customer management software and sales and business software, and ending with accounting software. Therefore, users frequently get notifications that updates are available. Unfortunately, the update often is not made. To solve this problem, businesses should appoint people whose duty is to observe that necessary software updates are performed. Also, businesses should have a precise overview of the programs and computers that are used by their team in their work.
To know who of employees have access to data
Cybercriminals know that in the information society, data is more valuable for a business than ever before. Because of this, they are constantly seeking opportunities to find security gaps in the information systems of businesses. It must be clearly known in a company that has access to various data. Having clear procedural rules in place helps prevent cyber-attacks and find a solution to the problem faster if an attack occurs.
To educate your team on the most common cyber-attacks
The main cyber incidents causing financial damage to Estonian companies are executive-mimicking fraud schemes, invoice scams and ransomware attacks. Pointing out that with an incompetent response a cyber-attack may halt the business of a whole enterprise. “Being able to recognize the most common cyber-attacks may save a business from incurring expenses amounting to the tens of thousands of euros due to cybercriminals” said Juhanson.