The Biggest Cyberattack Threat Comes From Within

This one's a no-brainer. As much as we hear about password breaches and the need to come up with unique, complex passwords for each of our online accounts and systems, the statistics paint a grim picture of how most people actually manage their passwords, with more than 50% using "five or fewer passwords across their entire online life" and the five most popular passwords (in 2014) proving to be "123456, password, 12345, 12345678 and qwerty." I won't delve deeply into how password managers work (Consumer Reports has a quick primer here) other than to say that they make it very easy to guard against risky password management practices.

Does your staff manage login credentials across a wide range of cloud-based and local technologies? The answer is almost assuredly yes. To protect yourself against the human tendency to use the same password across multiple platforms or weak passwords that are more memorable, your safest bet is to purchase and mandate staff usage of password management software. They are inexpensive and for those of you who use one password for everything (and many people do), this allows you to carry on with that practice in a sense, as you only have to remember one (for the password manager itself) — just create one that's going to be hard to crack!

If Your Office Is Attacked

Sometimes our best efforts still fall short. In this instance, your staff should be trained in how to proceed should they suspect the office has fallen victim to an attack. The timeframe from opening a compromised attachment to network infection is minimal; in fact a 2016 report from Verizon found in "93% of breaches, attackers take minutes or less to compromise systems". It's imperative that as soon as a problem is suspected or recognized you notify a professional, which may be the IT person in your office. You'll need to disconnect from the network to extinguish any internet access and prevent any data from leaving your system. Any passwords that may have been compromised should immediately be updated. You'll also want to determine the risk for any information that may have left your system during the attack and proceed accordingly.

The above suggestions are simply first steps. Expert advice runs the gamut in terms of actions you'll need to take following a breach, but a good starting point for your research might begin here.

Prepare Now, Rather Than When Under Duress

What you don't want to do is begin formulating your plan for responding to an attack after the attack has occurred and stress levels are at a maximum. Develop your incident response policy now so your course of action is clear if/when you need to invoke it.

None of us want to have to spend our time dealing with these threats to our business, but it's important to allocate time to plan for them when we can think clearly and unburdened by the need to rush. Make sure that you and your staff are educated about best practices for thwarting attacks, that you've developed a policy for dealing with attacks and that everyone is clear on what is expected should an attack occur. The time you spend preparing now could just end up being some of the most important hours you ever put into your business.