The recent cyber-attack on the NHS has shown that even our largest and most robust organisations can fall victim. Leaving no sector or business safe regardless of size, what key steps can companies take to prevent future attacks?

Latest figures  show that from September 2015 to September 2016 there were 5.6 million cases of cybercrime in the UK with approximately 3.6 million cases of fraud, and 2 million computer misuse offences- an 8% rise in comparison to the previous period. Fraud activity recorded included incidences where bank accounts had been hacked, incidences of fraudulent credit card use, and scams and cons. Computer misuse on the other hand, related to hacking crimes, particularly data hacking, and computer virus, malware and other attacks targeting online services.

With cybercrime on the rise, it’s important for all types of businesses to be vigilant, and ensure their IT systems have the correct software in place. When it comes to vigilance and awareness, one of the most effective ways for companies to prevent attacks is by training employees. One of the easiest ways for cyber criminals to access a business’s system is through an employee’s own device, whether laptop or mobile- this includes email phishing attacks, to viruses entering through attachments or dubious links. Therefore, it’s important that businesses are aware about the types of content to look out for, and can take the necessary reporting steps if necessary. And in terms of software, it’s crucial to ensure proper maintenance is conducted routinely, with the latest antivirus software installed and updated frequently, browsers checked, and firewalls or malware programmes in place.

One of the easiest habits to practice, and one that can be undertaken by all company employees, is to strengthen passwords and routinely change them. Simple measures include creating different log in details for different online accounts and programmes, and ensuring these are strong- a mix of numbers, upper and lower case characters and symbols all make for a more secure password. It’s also worth considering encryption for internal emails and other business communications, just to ensure sensitive data is more greatly protected.

While the majority of small and large businesses alike are starting to rely on cloud services for data storage, this also opens up a wider area for cybercrime- relying on an external security provider ultimately means enabling access to a third-party source. Breaches have occurred as a result of cloud targeting, so storing data here does not offer food-proof protection. Shared technology is vulnerable to attacks, so it’s crucial for both parties to practice due diligence and understand what’s being deployed and stored, whether memory or database files for instance. In addition, businesses should also ensure they continue to back up their data to external hard drives too in case of an attack or misuse.

Does your business have the correct cyber-security measures in place? Do you think you can do more to prevent future online attacks? We’d love to hear your thoughts, so please tweet to us @PracticeDigital and share your comments on our Facebook page.