There are of course several things that we can do to protect ourselves, both procedurally and technically, providing defence in depth.  Protecting businesses from phishing and other malware is crucial for maintaining a secure online environment. Here are some key steps to help protect your business:

• Employee Education: Train your employees to recognize and avoid phishing attempts. Teach them how to identify suspicious emails, links, and attachments. Encourage them to report any suspicious activity promptly.

• Strong Passwords: Enforce the use of strong, unique passwords for all business accounts. Consider implementing two-factor authentication (2FA) for an extra layer of security.

• Data Backups: Regularly back up all critical business data to secure, off-site locations. This ensures that even if malware or ransomware attacks occur, you can restore your data without paying a ransom.

• Incident Response Plan: Develop a comprehensive incident response plan outlining the steps to be taken in case of a security breach. This plan should include communication protocols, containment measures, and recovery procedures.

• Ongoing Security Awareness: Maintain a culture of security awareness within your organization. Regularly remind employees about the importance of staying vigilant and following security best practices.

Alongside these there is some other stuff that can, to a large extent, be automated in order to reduce your administrative burden and reduce support costs.

• Regular Updates and Patches: Keep all software and operating systems up to date with the latest security patches. Regularly update antivirus and anti-malware software as well. All sounds great but what if you could reduce this requirement to a manageable level.  Manageable not only because it must be done, but also because of the disruption it can cause to your working environment.  Have a word with us.  We have an app for that!!

• Secure Network: Implement robust network security measures, including firewalls, intrusion detection systems, and secure Wi-Fi networks. Regularly monitor and audit network activity for any anomalies. This is all good, there is still very much a place on your network for firewalls.  But what about protective monitoring?  Is that affordable?  Is it manageable?  Is protecting the network layer good enough?  Should we be looking at the application layer instead?  Have a word with us.  We have an app for that!!

• Anti-Malware: Are you considering renewing your AV licence?  Have a word with us first.  We recommend a system which uses a Hard Disk Firewall (HDF).  All data on your systems is stored either as non-runnable data or runnable application programs.  Malware is a type of runnable program with undesirable behaviours.  HFD prevents malware infection, stopping malware program files from being stored and run on a computer.

• Web Browsing Security and email protection: Advise employees to exercise caution when visiting websites, especially those with suspicious or unknown origins. Encourage the use of secure browsing practices, such as avoiding clicking on unfamiliar links. Deploy email filters and spam blockers to prevent malicious emails from reaching employees’ inboxes.  Protective monitoring has a play here also and we have an app for that!!

Remember, cybersecurity is an ongoing effort. Stay informed about the latest threats and continuously adapt your security measures to address emerging risks. Consider consulting with cybersecurity professionals for additional guidance tailored to your specific business needs.