Since cyberattacks are on the rise, and businesses, especially the SMBs, are vulnerable to hackers, there is an urgent need for a well-thought-out cybersecurity policy, says Husni Hammoud Managing Director – Technetium (Part of the Midis Group).
It is critical to understand how effective each security product is in stopping the new tactics that the attackers have been using since COVID-19. Conventional antivirus solutions alone are no longer as effective as they need to be in order to counter threats. For these reasons, many of today’s antivirus solution vendors are adopting methodologies that combine machine learning, sandboxing and EDR to stay ahead of the attackers.
Since COVID-19, there has been a significant rise in ransomware & Business Email Compromises (BEC) and Zero-day threats. The best way for businesses to protect against these threats is to have a comprehensive set of security tools in place and to utilize Security Awareness Training to ensure that users are aware of security threats and how to prevent them.
A well-thought-out cybersecurity policy and employee training is undoubtedly the top defense against cyberattacks, especially for remote employees. Some companies are turning towards more aggressive protection models such as zero-trust policy, which is based on the principle “Never Trust, Always Verify”. Adding multi-factor authentication into your existing architecture makes it harder for potential hackers to gain access to your sensitive information. And, ensure your OS and AV engine is always up-to-date.
While all industries are at risk to cybercrime, some sectors are a greater target than others, and should be taking extra precautions to guard themselves against such attacks. SMBs are always an easy target for cyber attackers. Furthermore, healthcare, financial services industry, technology and telecoms industry appear to be cybercriminals’ favourites.
Attackers will continue to go after the low-hanging fruit but prices for the return of precious data will most likely fall as people become more aware of the threat and new protections are put into place. The digital supply chain will become more vital and thus more of a target to attackers. Moreover, social engineering will continue to dominate as the vector of attack until companies can find a way to build a true culture of cybersecurity, train employees properly and improve individual cyber-behaviour and hygiene.