5 Cybersecurity Best Practices To Combat Increasingly Sophisticated Attacks
These 5 practices will certainly help you and your business thwart cyber-attacks. However, to truly rest assured, your business needs a robust cyber insurance policy. LIA is now pleased to offer a new cyber insurance program, Beazley Breach Response (BBR). BBR is a privacy breach response management and information security insurance solution, now available for valuation and real estate professionals.
As we start the new year and look back at 2022, it is plain to see that cybersecurity attacks have become more skilled and sophisticated. This is due in part to the fact that hackers and scammers are casting smaller nets, and more finely tuned attacks that exploit SMB weaknesses.
One weakness that is prevalent among most small to medium sized businesses (SMBs) is complacency. That’s why it’s more important than ever to regularly review the following best cybersecurity practices. The practices we’ve put in this list below can help protect you from attacks like phishing, malware, viruses, and VPN hacking. In addition, they may help you qualify for cyber insurance, which can protect you and cover your losses if your network security system is breached.
Without further ado, here are 5 cybersecurity best practices to combat increasingly sophisticated attackers.
1. Use Two-Factor Authentication For Logins
Two-factor authentication (2FA) is a security measure that requires two forms of identification to successfully complete a login. The two forms of ID may consist of entering your password, answering a security question, or entering a code that was texted to your phone.
The philosophy behind this cybersecurity practice is that if a hacker manages to get past one stage of authentication (such as the password), they may not be able to make it through the second stage. This is especially true if you set up a more personal authentication method for the second stage, like a code texted to your personal cellphone. It’s a simple deterrent, but a (mostly) effective one.
2. Use A Password Manager To Generate More Complex Passwords
Passwords have long been a target for would-be cyber attackers. This is because most people create simple passwords that are easy for a sophisticated hacker to guess or unscramble using a password cracker software.
That’s why we recommend using a password manager. A password manager, such as the ones offered by Google and Apple, helps you generate long, complex passwords for all your logins. Then, it stores those passwords securely, so you never have to memorize them yourself. This also makes it harder to steal.
Think of a password manager like a safe holding your valuables; only in this case, your valuables are your logins for your work and personal accounts.
3. Check The Email Address Of The Sender Of Suspicious Emails
If you ever receive an email that appears to be from a reputable source, like a popular online retailer, a subscription, or someone you know, it’s a good idea to check the email address of the sender before responding.
Many hackers will use a phishing scam in which they send you an email designed to look like it hails from a respectable website or individual. But when you check the sender’s email address, it has nothing to do with the website or person that the email claims to be representing.
These types of emails will usually ask you to click on a link, which takes you to a webpage where you are prompted to update your payment and billing information. You may even be asked to confirm more sensitive information such as your social security number and date of birth.
If you receive an email like that, always check the sender’s email address. If it looks suspicious, that’s a good clue that you should delete it right away without clicking on any of the links inside it.
When in doubt, open a separate tab in your browser, look up the website that the email was supposedly sent from, and log in to check your account yourself. If you don’t see any notifications and everything looks up to date, you know you just received a phony email.
4. Don’t Click On Links Unless You Trust The Source (Even Then, Use Caution)
You should always be wary of clicking on links in emails, even if the sender is using an email address you recognize.
An easy way to vet any links in the emails you receive before clicking on them is by hovering your mouse over them. When you do that, the URL should appear in a floating box next to the mouse pointer. If the URL shows a website you’ve never heard of or that looks suspicious, you may want to have your resident cybersecurity or IT expert take a look at it. Just be sure not to click on it!
5. Set Up A Cybersecurity System Tailored To Your Needs
Using 2FA, a password manager, and caution when receiving emails and clicking on links are great tools you should be using to protect yourself and your business. But you need more robust protective measures, as well. Utilizing a cybersecurity team can help protect you from even more sophisticated attacks than email phishing and password cracking, like VPN exploitation and ransomware.
To see how we can set up your small or medium sized business with the perfect cybersecurity solution to fit your budget, contact us here.