You may not be aware, but October is recognised as Cybersecurity Awareness Month, a time dedicated to raising awareness about the critical importance of cybersecurity. In today’s increasingly digital landscape, where businesses and individuals rely heavily on technology, understanding the significance of cybersecurity and how to protect your digital assets has never been more vital. In line with this, we’d like to share essential actions you can take to minimise the risk of falling victim to a cyber attack, secure your sensitive information, and maintain the trust of your clients and partners.
Prudent Cybersecurity Measures
- Use Secure Connections: Always use secure connections when accessing your information and accounts. Avoid public Wi-Fi unless you have a secure VPN connection available from your device.
- Maintain Strong Passwords: Strong, unique passwords for each login are essential. Avoid using generic or easily guessable passwords. Consider using a password manager to keep track of your credentials securely.
- Implement Multi-Factor Authentication (MFA): Wherever possible, enable MFA. MFA requires multiple methods of authentication, such as a password and a one-time code sent to your mobile device, to verify your identity.
- Use Appropriate Software: Employ appropriate software, including anti-spam filters, antivirus, and anti-malware tools. Regularly update your software and operating systems to patch vulnerabilities.
- Exercise Caution with Email: Be cautious when dealing with unfamiliar or suspicious emails. When in doubt, contact the sender to verify the email’s legitimacy. Never enter personal or banking details in response to an email request. Instead, type the legitimate web address directly into your browser.
- QR Code Vigilance: Be wary of links provided via QR codes. These can be as malicious as phishing emails.
- Educate and Train: Regularly educate and train all users on cybersecurity best practices. Consider using online training services that provide pre-made video training sessions.
- Backup Your Data: Maintain full backups of all your data, regularly test them, and store them securely, away from your primary data location.
- Insurance Coverage Review: Review your insurance coverage, particularly cyber insurance, to ensure you’re adequately protected against all your business risks.
- Cybersecurity Systems: Consider using a cybersecurity system with Extended and/or Managed Detection and Response capabilities for the highest level of IT environment protection.
Understanding Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) enhances security by requiring multiple methods of authentication for user verification. It adds an extra layer of protection on top of a password, making it more challenging for unauthorised individuals to access your accounts and information. MFA employs various methods like SMS, email, authentication apps, security tokens, and biometric verification. Careful configuration of MFA is essential to strike the right balance between security and usability.
Reporting Data Breaches
In the event of a data breach, you may be legally obligated to report it under privacy legislation. Please report breaches here or by phone at 1300 292 371.
Reviewing Your Insurance
We strongly recommend reviewing your current insurance coverage, with particular attention to Cyber Insurance. Cyber insurance can cover a broad range of incidents, including financial losses, incident management support, business interruption costs, investigation and data recovery expenses, third-party liability, and extortion costs. This review ensures that you are well-protected against a rapidly evolving threat landscape.
Cybersecurity is an ongoing effort, and these measures can significantly bolster your defences. We encourage you to take these steps seriously to protect your business, your clients, and your reputation.
How we can help
If you have any concerns in relation to the issues raised above, we can help review your IT systems, accounting software and discuss what is best way to deal with your concerns. If you have any questions, please contact your client manager.
Author: Markus Goebel
*Correct as of 30 October 2023
*Disclaimer – this article has been produced by Kreston Stanley Williamson as a service to its clients and associates. The information contained in the article is for general comment only and is not intended to be advice on any particular matter. Before acting on any areas contained in this article, it is imperative you seek specific advice relating to your particular circumstances. Liability is limited by a scheme approved under professional standards legislation.