The cyber threat landscape grows scarier by the day. According to the Privacy Rights Clearinghouse, more than 10 billion digital records have been compromised since reliable records began in 2005.

Just 4% of breaches involved encrypted data rendered useless once stolen. The other 96% involved unencrypted data that could be read, processed, and shipped off to bad actors to do with what they wished.

Cybersecurity strategies

If your business hasn’t yet fallen victim to a cyber attack, it’s not too late to take commonsense steps to improve its security posture and reduce the likelihood of a catastrophic breach in the future. If you have the resources, by all means hire a CSO to manage your internal posture and interface with third-party security vendors.

If not, start with these six straightforward strategies, then consult with an outside cybersecurity expert for guidance specific to your business’s activities and needs.

1. Back Up Critical Programs and Files on External Storage Media

Avoid persistent threats like ransomware and physical theft by backing up your critical files and programs on external drives. Heavily used programs call for frequent backups: for instance, you’ll want to backup Microsoft Office at least once per week, and perhaps more often still. Keep external media in a secure location that’s physically separate from other network nodes.

2. Keep Your Anti-Malware Program Up to Date

Threats might change on a daily basis, but the rubric for evaluating anti-malware programs shows remarkable consistency. You can use the same basic template to choose your 2018 anti-malware edition that you used back in 2008 or 2009.

Once you’ve selected your program, make sure to keep it up to date. Schedule major patches and updates for overnight or low-activity hours, when system restarts and connectivity interruptions won’t impact your work. Scan the cybersecurity literature to ensure that your program’s developers remain at the top of their game; it’s all too common for programs’ stocks to rise and fall with leadership or engineering personnel changes.

3. Avoid Software and Hardware With Known Vulnerabilities

Don’t purchase a new software or hardware product without reading up on its vulnerabilities. Many swear off entire hardware domains (see, e.g., Apple diehards). You don’t have to go quite so far, but there’s absolutely no reason to invest in systems or program with known vulnerabilities or patchy histories.

Businesswoman using a VPN service while using a tablet PC

4. Use a Virtual Private Network When Browsing

Protect yourself (and your company’s systems and files) while browsing on unfamiliar networks with a virtual private network. VPNs anonymize and encrypt traffic coming from your machine, rendering it unintelligible to would-be attackers.

Small-scale VPNs are free or cheap, but you may want to spend a bit more for an enterprise-grade system that can handle serious traffic and protect your entire device cloud simultaneously. If you’re unfamiliar with the virtual private network landscape, spend an hour or two reading popular VPN reviews.

5. Practice Good Email Hygiene

No matter how often it’s said, some never learn. Once more, for posterity: do not click links in sketchy emails. This is the easiest way to open the door for opportunistic hackers.

Good email hygiene is in the eye of the beholder, but easy best practices include:

  • Strengthening your spam filter’s settings
  • Whitelisting email addresses and ignoring all other traffic
  • Using folders to separate questionable emails that make it through your spam filter
  • Typing link text into your browser, rather than clicking links in emails
  • Toggling your email suite’s security settings to obscure potentially hazardous images

6. Use SSL and Other Commonsense Security Measures to Protect Your Website

If your website doesn’t have an SSL certificate, add one this week. For less than $100 per year, it’s a crucial vote of confidence in your security posture. Many cautious web users simply don’t spend time on sites that lack SSL.

You’re More Vulnerable Than You Think

No one likes to hear that they’re vulnerable to a multitude of cyber threats, but that’s the sad fact of doing business in 2018. It’s time to cast aside unconvincing excuses and admit that, yes, it can happen to you. Don’t wait until it’s too late.