'New year, new threats' warns cybersecurity CTO in UK
As we welcome the new calendar year, businesses must be astute in defending their digital assets from potential cyber threats. This consecutive holiday season has reportedly provided a fertile ground for cybercriminals, manipulating consumers and employees alike with misleading emails and counterfeit offers, purporting to be limited time deals, according to Espria, a Managed IT, Document Solutions and Communications specialist.
"There is no doubt that holiday seasons are always, and will continue to be, filled with cyber disruption, with sophisticated festive phishing and a recent surge in ransomware", warns Dave Adamson, Chief Technology Officer (CTO) of Espria. While many businesses have profited remarkably over the past few months and will continue to capitalise on the ongoing shopping season, cyber fraud seems to leave a presence lurking in the background, threatening to spoil the holiday cheer.
Adamson emphasises the mounting need for companies to brace up and fortify their security measures, particularly as we venture into the 'hacking season'. He underscores the menace of not just retail, but also targeted professional services business being threatened by countless hacking attacks that seek to capture their data and then immobilise them with ransom demands. "As we enter the New Year, the 'hacking season' to come requires all the help security teams can get from best-in-class technology to monitor their digital enterprise 365 days a year."
The first step, Adamson advises businesses, is to maintain open lines of communication with customers and employees, warning them about the occurrences of fake websites and fraudulent social media pages. Carefully implementing a robust password policy across the board and alerting staff to be discerning against unknown messages is another vital cautionary process.
Securing employee turf from the inside is a major aspect of the defensive strategy that corporations need to build upon. "An organisation must have employee buy-in at all levels, not just IT, to prevent being a cyberattack victim," stresses Adamson.
This mostly involves raising the bar with cybersecurity awareness training; employees are guided to recognise a potentially harmful phishing attempt and advised on the necessary course of protective action when they see something suspicious. Organisations need to enforce and consistently upgrade this training at a company-wide level to contribute to the overall security parameter.
Adamson also pinpoints email accounts, the most common route to other valuable accounts, as areas requiring additional fortification. A strong password policy and two-factor authentication are among the favoured methods to safeguard against cyber threats. Avoiding suspicious links and recognising the traits of potential phishing scams are also identified as crucial in making the digital enterprise a safer place, as businesses look ahead to the New Year and the challenges it offers.