business 5 Cyber Threats for Businesses in 2021 and Tips To Mitigate Risk October 29, 2021 As we close out Cybersecurity Awareness Month, it’s crucial to take a look at the top threats in the cyber world as of late and how you and your business can stay safe. Let’s delve in. With so many people working remotely these days, it’s no shock that companies are exposed to new cybersecurity risks. Here’s a look at the top five threats in 2021 and how your business can mitigate them. Five Threats Phishing- As we’ve covered in blogs before, phishing involves hackers posing as someone from your organization, or an organization you recognize and requesting personal information from you. Take a closer look at those emails from your “CEO”—they could be phony! The IRS also will never send taxpayers an email about a bill or refund out of the blue, so stay on guard to make sure you are not opening or forwarding strange emails or websites. Hackers have also taken advantage of the ongoing COVID pandemic to instill fear—check out our blog, https://kahnlitwin.com/blogs/business-blog/beware-of-coronavirus-phishing-scams. Quick Tips—spotting a phishing scam-Check the reply email- is it a slight variation of the company or employee name?-Hover over the links—Make sure a link points to the correct domain, not a slight variation. Scammers are sneaky—check every letter!-Exercise caution if you receive an email from someone who usually only contacts you by phone—it could be a scam artist!-Watch out for generic emails containing little or no specific information about your business.Malware- Malicious software, commonly known as malware, affects computers everywhere, and is a frustrating, costly, and time-consuming issue for those affected. Malicious software programmers are on the lookout for holes in your security measures, so it is vitally important for the sake of your company to make every effort to protect your system. Common symptoms of malware include constant pop-ups, slow, sluggish performance, added toolbars to web browser/strange settings, firewall protection is disabled all of a sudden and frequent error messages.Quick Tips—5 tips for prevention-Keep malware software up to date and run regular scans with the software-Don’t use open Wi-Fi and make sure your own network is secure.-Do not open strange attachments or click on pop-ups-Back up ALL files.-Use strong passwords and make sure they vary across accounts.Ransomware- Ransomware is a form of malware (malicious software) that encrypts a victim’s files so they cannot access files, databases or applications. To restore access, the attacker will demand a ransom from the victim, which can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin. Quick Tips—Protecting against ransomware-Implement multifactor authentication, endpoint detection and response, encryption and skilled, empowered security team-Back up data, system images and configurations, regularly test them and keep the backups offline-Update and patch systems promptly-Test your incident response plan-Check your exposure using a third party penetration tester-Segment your networks-Evaluate third party vendor securityData breaches- Data breaches remain a concern as well. Data breaches occur when sensitive data is stolen from a system without authorization from the system owner. This can put confidential user information at risk including credit card information, names, social security numbers, email addresses, passwords and more. Quick Tips—Protecting against data breach-Educate your employees- this is a crucial step—identify all areas of potential vulnerability.-Create and update procedures related to data security standards-Back up data on a regular basis, in the event of a data loss or server crash-Remote monitoring of your network-Safeguard physical data—store records in a secure locationCompromised Passwords- Your passwords can be compromised when you enter your login credentials on a fake website without realizing it. Quick tips—Creating passwords-Use unique, hard-to-guess passwords-Don’t use the same passwords across accounts-Avoid using personal information in passwords-Use multi-factor authentication-Change passwords on a regular basis Questions? Reach out to us.