Maksim Kabakou - Fotolia

Security Think Tank: Five things businesses can do to protect from cyber attack

How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?

With a second major cyber attack hitting computers around the world, businesses are on high alert for what happens next. While we all know not every business has the benefit of having a large information security team and unlimited resources to fight cyber crime, there are still basic steps every company can take to protect themselves. But remember: hackers and the malware they create do not consider your budget, your staffing levels, skill sets or future plans to resolve security issues. There is no substitute for proper management of your computer.

With that in mind, here are five things businesses of all sizes can do to protect themselves:

1. Patch, patch, patch

As most successful computer intrusions exploit a software or programming defect, applying patches that repair those defects is an essential part of basic computer hygiene. Failure to patch results in your computer being an easy target for criminals to harvest. They can use your computer and your accounts for nefarious purposes.

2. Think like a criminal

Any cost-benefit analysis of not patching in a timely manner should include worst case scenarios of data breaches, ransomware attacks that encrypt your data, account takeover losses and damaging a businesses’ reputation. If you think like a criminal, you can think ahead of what should be done to protect your business.

So what are criminals thinking? Their measure is simple; is the computer they are targeting vulnerable or not? If it is vulnerable, it gets added to their hitlist. If not, they will move on to easier prey. Don’t be the easy target. When you have been identified as vulnerable and successfully attacked, you will likely see the same actors return over and over. You’ve now been identified as the weakest link.

3. Cyber experts to the rescue – listen and act quickly

Most of the major technology companies specialising in cyber security include ratings on the severity of the vulnerability, and a recommendation of how quickly to apply patches. Follow these guidelines closely because these cyber experts are working hard to ensure the patches provided are the latest and greatest. After all, their own reputation is at stake!.

4. Sharing is caring

Of course, not every business has the ability to hire an army of analysts to fight off cyber attacks. This is why being a part of an information sharing group like the Financial Services Information Sharing and Analysis Center (FS-ISAC) will help your organisation with greater awareness without hiring a full-time cyber analyst or a full team. FS-ISAC provides real-time intelligence sharing, analysis, plans for business continuity, webinars, and so much more to help your business stay ahead of cyber criminals.

5. Weigh the cost

While cost is an issue, it seems that these days, ensuring you have the most current patch is simply the cost of doing business. Pay for the latest patching because dealing with the fallout of a cyber attack is going to cost you far more.

Read more on Hackers and cybercrime prevention