The holidays are a particularly vulnerable time of the year when it comes to cybersecurity. Cyber criminals don’t slow down to frolic in the merriment, but rather take advantage of businesses operating with reduced staff, as well as employees who just might be a little more apt to mindlessly click on something dubious. Every year bad actors and hacking groups leverage this seasonal guards-down posture to attack organizations’ networks, systems, and data. Every business’s cybersecurity strategy should note and address particularly vulnerable times and events, with the holidays perhaps leading the list. Read the following holiday cybersecurity tips to ensure the safest possible posture for your business and data this holiday season.
Ransomware is a growing threat and a big concern this holiday season and is estimated to cost businesses more than $20 billion in 2022. Ransomware is an insidious type of malware that locks users out of their systems and steals, encrypts and often deletes data.
As part of a comprehensive cybersecurity strategy, organizations should regularly back up their systems and data, enabling a rapid restoration of operational functions. Maintaining offline versions of your backups best allows your business to clear and restore encrypted devices and systems.
Software vulnerabilities are constantly emerging and thus software companies regularly release updates. You might be shocked at how many updates sit idle and uninstalled, leaving businesses dramatically vulnerable. Make sure to always install the latest available software updates to ensure your systems and data are as protected as possible from the latest cyberthreats.
Every business should have a Business Continuity Plan (BCP) that presents threat scenarios and the responses required to address the situation and mitigate the harm to people, property, infrastructure, and data.
Addressing specific threats related to reduced staff, as is often the case during the holidays, is a smart inclusion to your BCP. Who is monitoring certain systems? What are the appropriate steps when IT and other key players are on vacation? How are your physical networks being protected when very few people, if anyone, is onsite?
A cybersecurity policy is only as strong as its user adoption. Consistently training your employees on cybersecurity best practices is a must, and extra effort near the holidays is also often warranted. This season, reinforce the best practices and policies already in place, but also educate your team on the telltales of current and emerging holiday cyberthreats and how to avoid falling prey. Overpayment scams are a big threat this season – so let your people know to be on the lookout for anything unusual in an AP/AR scenario.
When was the last time you updated your antivirus, antispyware, and anti-malware software? Antivirus software needs to be updated regularly to ensure your that your data and systems are adequately protected against the latest threats.
Stig Ravdal is the President & Founder of Ravdal, Inc., a leading cybersecurity strategy and solutions company. He is widely considered an expert in the field and is available for speaking engagements.