Article

Cyber Security Questions Every Business Should Be Asking

Cyber Security Questions Every Business Should Be Asking

Following several recent high-profile cyber attacks, it is more critical than ever for organizations to evaluate their cyber defenses and ask themselves a number of basic cyber security questions to assess their vulnerability.

Each year brings new technological developments that improve people’s lives. At the same time, these advances also introduce new cyber security threats and more attack surfaces.

Moreover, dwindling resources, slow budget growth, increasingly hostile threats, the evolution of the Internet of Things, and expanding ransomware are major reasons why it is becoming more difficult to keep up with the changing threat landscape. Such reasons highlight the need for renewed organizational attention to cyber security. Is your organization vulnerable to a breach or cyber attack?

To evaluate readiness, here are some of the cyber security questions every business should be asking.

  • Do You Require Employees to Use Strong Passwords?
    Weak passwords cause of more than half of all data breaches, yet just 24% of small businesses enact policies requiring employees to have a strong password. It is critical to have a strict password policy in place to protect your network.
  • Are Your Employees Required to Change Their Passwords Regularly?
    Employees must be required to change their passwords regularly to protect data. Nearly 65 percent of businesses do not strictly enforce their password policy, despite having one in place.
  • When Possible, Does Your Business Use Two-Factor Authentication?
    Wherever possible, you should add an additional layer of data security by enforcing two-factor authentication, such as SMS authentication.
  • Are Employees Using Their Personal Smartphones for Work Purposes?
    Personal phones and devices significantly increase the chance of malware attacks when employees use them on the office network.
  • Do You Back Up Your Files?
    A cyber attack can make confidential files completely inaccessible. Protect them by keeping local backups of all critical files and storing copies on an offsite server.
  • Does Every Company Device Have Antivirus and Malware Software Installed?
    Make sure your organization installs the most up-to-date versions of antivirus and malware software on all organizational devices, and that they run properly.
  • Do You Limit the Number of Employees with Administrative Access to Only Those Who Need it?
    Administrative access rights should be assigned sparingly and given only to those employees who absolutely need it to conduct their jobs. Additionally, employees who are granted admin access must be trained and well-educated on security issues.
  • Do You Encrypt Databases and Customer Information?
    Without encryption, your organization’s sensitive data and customer information is accessible to hackers. To reduce data vulnerability, take steps to ensure all your information is encrypted.
  • Have You Trained Your Employees to Recognize Phishing Emails?
    Phishing emails account for nearly half of all cyber attacks, and employees often fail to spot them. It is crucial that every business train their employees to not respond to suspicious emails.

How does your organization prepare to handle a cyber attack? Are you looking for ways to strengthen your organization’s cyber security? If you identified gaps in any of these areas, IEEE provides cyber security and ethical hacking training to help organizations prepare. Learn more about organization pricing and request a quote here.

References:

Bose, Shubhomita. (2017, August 28). 11 Cyber Security Questions Every Small Business Should AskSmall Business Trends.

Gillin, Paul. (2017, January 30). Two-Factor Authentication: A Little Goes a Long WayIBM Security Intelligence.

IEEE Cybersecurity Vulnerability Navigator, 2017.

Lindros, Kim. (2016, September 7). A Small Business Guide to Computer EncryptionBusiness News Daily.

Wednesday, 21st February 2018