Effective data security is critical in our modernized digital world. Preparing today for the threats of tomorrow is an absolute necessity.
In our last blog, we discussed why cybersecurity should matter to more than just the IT department: it must matter specifically to the CFO, as he/she is the one accountable to a company for its financial health and best suited to allocate resources toward security. Cyber defense must be prioritized across an entire organization.
Make sure all the software solutions you employ are updated regularly. Software companies provide patches for vulnerabilities by releasing updates. Therefore, you will want to make sure that you take advantage of those updates from any software you use, including Chrome, Safari, AirMail, FileZilla, your ERP system, your financial reporting tools, etc.
Remember the huge Equifax data breach in 2017? It impacted the personal information of approximately 147 million people. This data breach was caused by a known vulnerability in a web application. Apparently, the fix for this vulnerability was released two months prior, but Equifax failed to update its software. That’s a hefty price to pay for not staying current with updates.
Phishing is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data, such as personally identifiable information, banking, and credit card details and passwords. The information is then used to access important accounts and can result in identity theft and huge financial loss.
90% of all successful computer attacks start with a phishing email. Some common features of phishing emails include:
Remember no computer is immune from phishing. And it only takes one mistake of a click to become a victim of a cybercrime.
As discussed above, best practice is never to click on anything of which you aren’t 100% certain is legitimate.
You can no longer be lazy in creating and using passwords.
Some strong password ideas include:
Some weak password examples include:
Some additional recommendations to keep in mind as you work toward best practice password management:
While you may think to yourself that you’re only stepping away from your desk for just a minute, anyone can walk into your office during business hours and thereby put your devices and confidential information at risk. Be sure to:
You must safeguard both your personal and company. Here are some tips for protecting both:
This is a type of malware that threatens to publish your data, encrypt your files, and make your system unusable until you pay a ransom to the cybercriminals behind the scam.
71% of ransomware attacks in 2018 alone targeted small businesses, with an average ransom demand of $116,000. Back in 2017, Maersk, a Danish shipping company, lost a whopping $378 million to ransomware alone. Not only did they lose a significant amount of money, but they were forced to halt operations, and reinstall their entire infrastructure of 4,000 servers and 45,000 PCs.
This was a wakeup call for Maersk and should serve as one to all of us. Make sure ransomware protection is part of your cybersecurity plan. There are many credible service providers out there that focus on affordable ransomware protection.
Implementing cybersecurity best practices doesn’t guarantee your systems and information will be safe 100% of the time. However, it drastically reduces the likelihood and frequency of breaches and infections.
No longer can companies exist with just average cybersecurity. It must become an integral part of your competitive advantage.
Download Spreadsheets-The Corporate Secret Killer & What to Do About It to better understand its inherent errors, how to manage quality control & overconfidence, with detailed solutions on improving spreadsheets in financial reporting.
THOUGHT LEADERSHIP WHITEPAPER
We want to provide you with an update on the Log4J vulnerability that was identified this weekend as it relates to your Synoptix installation. The short answer is that there should be no vulnerability issues with Synoptix. Synoptix no longer uses Log4J. Version 7 did use version 1.2 of Log4J (which was not vulnerable), and should therefore also be clear of any vulnerability issues related to Log4J version 2.0-2.14 (which was identified this weekend as having vulnerability).