TIS THE SEASON FOR MINCE PIES, MULLED WINE AND INCREASING CYBER CRIME
Christmas Cyber Security Check List
The Essential Christmas Cyber Security Checklist
Christmas is approaching fast, a time for celebrating and relaxing with friends and family; to reflect on the last 12 months. So much has happened: surging energy prices, a post-pandemic work landscape, a war in Ukraine, the cost of living crisis and rampant inflation. Alongside sits the risk of increasingly sophisticated ransomware attacks.
Cybercrime increased by 28% from this time last year, and experts predict it will surge by 30% over the festive period.
With the scale of problems to deal with, it’s understandable why people put off prioritising their cyber security. But be warned; cyber-criminals know the festive holidays are the best time to launch attacks. Offices will empty, and employees’ focus turns away from work, with only skeleton teams on call during the holiday. So it’s almost the perfect condition for hackers to launch ransomware attacks.
STOP and think for one minute about the devastating consequences if cyber criminals were to break through your business defences. Ransomware attacks bring businesses to a standstill, irrespective of size or industry sector. Lost sales, employees not able to log in, reputations damaged. Valuable internal resources work around the clock to recover lost data, let alone the ransomware demand to consider. It’s excruciating; ask anyone who has experienced it first-hand. The last thing anyone would want is to start 2023 recovering from a ransomware attack.
The time to act is NOW.
Snap yourself out of the ‘do nothing, and it will go away’ state of mind NOW. You can do a lot, and it’s nowhere near as difficult as you might think. So we asked our security colleagues for their recommendations to add to the Christmas Cyber Security Check List infographic.
Following the five simple activities on the Check List will make the difference between being ‘easy prey’ for criminals or one they may try to attack but lose interest in when their initial attacks don’t work, and they go elsewhere for easier pickings.
Five tips on how businesses can protect their IT systems at Christmas.
Remind all employees to always check emails before opening them (especially the supposedly urgent ones which might slip through) and never click on links from unexpected sources. Even the supposedly ‘festive fun’ emails may hide something sinister.
2. TURN IT OFF
If you don’t need it, turn it off – particularly User Acceptance Testing systems. Not only will you save money (if you’re in the cloud), but you’ll also deny the hackers a possible route into your systems.
3. SIGNING IN
With many employees accessing company networks remotely, make sure all computers use encryption products and passwords. Educate your team on the importance of good password management, i.e. never use the same one across different log-ins, never write them down, and use a password manager to keep track of them. Finally, secure access to sensitive websites or data with Multi-Factor Authentication.
4. PATCHING & BACK-UP
Use the quiet time just before Christmas to ensure everything is updated. Closing off vulnerabilities is one of the best ways to spoil a hacker’s Christmas. There is time to run a vulnerability scan to pick up and fix any unknown vulnerabilities or issues before hackers find them. Is your Back-Up up to date? For good measure, scan your Back-Up to check no malicious ransomware code has already been quietly added by hackers waiting to attack.
5. DISASTER RECOVERY
How up-to-date is your Disaster Recovery Plan? Do you have one? If you don’t, write one now. (download a DR template here) Make sure your team knows their role in the recovery, should an attack occur. Update all contact details so people know who to contact and when. Have a run-through of your Disaster Recovery Plans before Christmas if you have time. It will become apparent what else needs to be updated in your plans.
Being prepared and able to respond quickly will limit the potential damage of cyber-attacks and their impact on your business.
Secure your business NOW
This is a stark warning given by the Cyber Security industry for all businesses and organisations. Secure your defences NOW whilst there is time. Or have the awful constant worry over the festive break that there was more you could have done.
Although this may sound a little ‘Ebenezer Scrooge’…. Act NOW, and you’ll have made a positive step forward for your business’s defences.
Follow the advice on our Christmas Cyber Security Checklist infographic.
If our Christmas Cyber Security message has struck a chord, there are a few excellent resources we strongly recommend.
- The NCSC website is a brilliant resource packed with information.
- National Cyber Resilience Centre has nine regional offices around the UK that provide essential security reading for all business owners and directors.
The Insights section on our website has a wealth of blog posts and white papers centred around Cyber Security from Managing Passwords, Social Engineering and how to adopt and put into practice a Security Mindset in your business and home life.
Contact our ISO27001 and Cyber Essentials verified cyber security experts via the Contact Us buttons below if you need help or support preparing your business to be cyber-safe over the festive break. Find out about the range of cyber security services we provide for our clients. From Vulnerability Management to Vulnerability Audits, secure Cloud Hosting to a Security Operations Centre. It’s the reason why our clients have many Silent Nights.
Wishing you all a Happy Cyber Secure Christmas with many Silent Nights.
The Digital Craftsmen Team