intelligent

A nation-state hacker may have a particular objective in mind , stopping at nothing to infiltrate the systems of isolated targets . But a regular cybercriminal will operate as any business would : increasing efficiency and minimising costs for maximum monetary gain .

As a result , most cybercriminals won ’ t go out of their way to execute their schemes . Instead , they look for the easiest route in . This could be through a brute force attack ( inputting potential login details until they gain access ), an unpatched vulnerability in software or duping an employee via phishing emails .

This leads us to one simple truth : most attacks can be prevented with basic cyber hygiene .

Firstly , businesses should tighten up their employees ’ password hygiene . This means using strong , complex and unique passwords for every account . One of the best ways of administering this is through a password manager . Fortunately , there are plenty of inexpensive options available with specific price points for small businesses .

With a password manager , employees can easily generate sophisticated passwords and store each of them in a secure vault – removing the burden of remembering them all . Most password managers also provide a safe means of sharing passwords on jointly used accounts .

Where possible , multi-factor authentication should be imposed as well . The vast majority of accounts offer the option to do so in its settings , making this an easy and free step towards a more secure working environment .

Then there is the crucial task of providing regular security awareness training . There is a wealth of resources provided by government institutions and cybersecurity businesses that can help . For example , CyberSmart provides simple , interactive training on the basics through its ‘ CyberSmart Academy ’ tool . However you go about it , the crucial thing is to encourage a positive change in behaviour among your employees through empowerment , rather than the traditional fearbased approach .

The third area to focus on is patching . That means regularly checking for software updates and applying them . Understandably , this can quickly become an overwhelming task , so the use of a patch management tool might be the way to go .

These tools can help scan the devices and apps in your company ’ s repository and identify missing patches . Some may even have the option to automatically apply the patch – all from a single interface .

Finally , it ’ s worthwhile looking within your team for a security advocate ; someone who can champion these action items and encourage others to take the organisation ’ s cybersecurity seriously .

THE CRUCIAL THING IS TO ENCOURAGE A POSITIVE CHANGE IN BEHAVIOUR AMONG YOUR EMPLOYEES THROUGH EMPOWERMENT , RATHER THAN THE TRADITIONAL FEAR-BASED APPROACH .