At Churchill Support Services, we’ve consistently been at forefront of physical security measures for over 27 years. It’s all part of our continued efforts to ensure that we provide the reassurance our clients and customers deserve. We believe in a comprehensive service, and that extends to the demonstrable passion we show in all we do.
As part of cybersecurity month, which runs throughout October, we’re turning that focus to more virtual (but no less dangerous) threats, and how they weave together with the world of physical security.
We’ll look at what you can do to ensure that you stay safe in a changing landscape, and why the growing cyber threat is quickly becoming a major concern for everyone.
You’d be forgiven for thinking that physical security is far more important than securing your online presence. While it’s certainly true that physical security measures go a long way towards ensuring your day-to-day safety, we all have some form of online presence that brings with it an inherent risk.
Cybercriminals are constantly on the lookout for the data you leave behind because it has value. Whether that’s your email address, passwords, location data, or online banking credentials, hackers and infiltrators can use that to steal accounts you’ve made or even access private information on email and bank accounts.
Of course, that’s not where it ends. For more organised or determined cybercriminals, they’ll often hold your data to ransom (through what’s called ransomware), or sell reams of information to spam calling companies and phishing scams.
This is big business, too. The latest government estimates place the total cost of cybercrime across the UK economy at around £27 billion, with that only set to increase as technology becomes more advanced on both sides of the coin.
Prominent targets for cybercriminals include the NHS and healthcare organisations, which usually have large servers where sensitive and confidential data is stored. The same is true of banking institutions, although this is often more financially-motivated, and conducted by both groups and individuals.
There’s also other costs alongside the financials. The mental health impact of being a victim of cybercrime is well-documented, and can prove a trigger for other mental health conditions like anxiety disorders, depression and PTSD.
Plus, the delays and disruption that an organised cyber-attack can cause can lead to significant time and effort spent on rectifying the issue that could’ve been spent elsewhere, and on something that truly matters to your business.
Now that we understand the threats posed by cyber criminality, and how it can take a substantial toll on a huge range of sectors, it’s equally important to look at how you can protect against those virtual threats.
We’ve compiled 5 key tips to help with your cybersecurity, and protecting yourself regardless of what you do online.
It might seem like an unnecessary delay to your working day, but updating your software on a regular basis is absolutely essential. There’s a few key reasons for this:
Ultimately, updating your software also ensures your business is as up-to-date as it needs to be to ensure that you can continue to thrive in your sector, and that your customers receive a stellar experience.
This is a simple change to implement, too. Most modern software has the option to turn on automatic updating, especially business tools like the Microsoft Office suite and Adobe’s photo and video editing tools.
It can be easy to assume that an email that looks the part has come from a reputable source, especially it’s from a site or service you use regularly, like your bank or a reputable online retailer. However, one of the most common scams is spam or malicious emails that masquerade as a well-known company.
These can be notoriously difficult to spot, especially as sophisticated cybercriminals can fully copy a company’s layout, design and writing to create an exceptionally convincing copy. This is known as “phishing” – these cybercriminals will use these emails to steal login details through elaborately designed scam sites. Imagine that they’re “fishing” for your details.
Like the emails themselves, these will usually be designed to convincingly imitate the site you know and love. They mask a horrible truth, however – they’re simply set up to harvest your account details.
This is particularly concerning for more private information, such as patient records or banking credentials. However, entering any login credentials on an illicit site is dangerous – even online shopping sites and video games can hold vital data that’s like gold dust to hackers and cybercriminals.
We would strongly advise always checking and double checking any emails, and ask yourself a few key questions before clicking any links and entering your information:
It’s an age-old recommendation, but changing your passwords regularly, and ensuring you don’t use the same password for multiple websites, is absolutely essential. They’re a crucial part of any online identity you have, and it’s thought that more than 70% of people use the same password for personal accounts.
That’s a huge mistake, especially in an era where cybercrime is becoming more and more prevalent. Simply diversifying your passwords is enough to prevent a substantial amount of the risk posed by cyberattacks, and can help keep your data safe.
A great rule to follow is the “rule of three”, suggested by the UK’s National Cyber Security Centre. This recommends three random words as your password, as they’re always guaranteed to be unique, and unlikely to be guessed by hackers.
There’s also additional tips, offered by Google, which can help you to create a password that’s more memorable, but no less secure. These include:
While you’ll undoubtedly be taking all the precautions you can to ensure you don’t get a virus, they can and do happen. Just a few years ago, the “WannaCry” virus targeted Microsoft computers, with over 300,000 businesses and services grinding to a halt.
While coordinated and targeted attacks like this are impossible to predict, a good antivirus can go a long way towards protecting your machine. Windows’ built-in antivirus is a strong option, but third-party services are much more robust in their scope, and can often be scaled for larger businesses.
A strong antivirus will also receive regular updates to its database and recognition capacity, meaning you’ll be kept safer even as the online landscape shifts. Windows Defender, for instance, receives regular, automatic updates, as do most other commercial options available.
This is a relatively new technology, but it’s one that’s fast becoming a mainstay across a huge range of services and technologies. In fact, it’s something that most IT and Communications departments consider to be a necessity, with many modern businesses already having some system in palace.
The concept is simple – it takes advantage of secure apps, text messages or emails to provide an additional layer of verification when logging into a site. You’ll receive a prompt to approve any login, which you can do simply by entering a code from a text or email, or by approving a notification in a designated app (like Microsoft or Google’s Authenticator apps).
Not only does this ensure that any login attempts can only be completed by the person with the additional device, but that any malicious logins are detected and dealt with accordingly. Two-factor authentication (often abbreviated to 2FA) is set to become more of a mainstay as we move towards a more technology-focused world.
This isn’t foolproof, however, and there still needs to be an element of vigilance and awareness for the new methods that phishers and cybercriminals are using. 2FA Fatigue is quickly becoming an issue, where scammers rapidly spam login attempts in an effort to “fatigue” or irritate the user into accepting the notification.