Bure Valley Group is an investment introducer platform which links successful investors with exciting, innovative UK startups seeking funding. This content is for information purposes only and should not be taken as financial or investment advice.
In the USA, there is a 62% year-on-year increase in ransomware complaints – with 2,084 reported in 2021. By next year, moreover, 33 billion records are expected to be stolen by cybercriminals (up 175% from 2018). It is not just large, publicly-listed companies that are at risk, however. 43% of attacks target small and medium companies (SMEs), and nearly two thirds of these businesses are unprepared for such attacks.
How can you keep your business safe from cyber attacks in 2022, especially with tactics getting more sophisticated? Below, we offer 10 good practices to include in your cyber strategy. We hope you find this content useful. To find out more about our EIS and other investment opportunities, visit our portfolio page here. To enquire regarding our latest projects and funding (for investors and founders, respectively), you can reach us via:
+44 160 334 0827
#1 Privatise connections with a VPN
A virtual private network (VPN) creates an encrypted “tunnel” around your internet connection as you browse the web. This hides your activity from the government, ISPs and hackers. This is especially useful if workers are connecting via public WiFi networks, such as in a cafe. Popular VPNs on the market in 2022 include Nord VPN and Express VPN.
#2 Check links before clicking
Anyone in your organisation coud receive a suspicious email (e.g. posing as a customer) with a fraudulent link inside. You can check some links by opening the email in your browser and then hovering over the link (revealing the address in the bottom left of your screen). Take extra care, however, by not clicking on suspicious links and visiting the company’s address directly.
#3 Use strong, regularly-updated passwords
Weak passwords on your company accounts (e.g. employee email) is leaving the door open to hackers. Make it a policy to update company passwords regularly and set a high bar for their strength. Discourage staff from writing passwords down to sharing them with each other. You can use a trusted password generator to come up with ideas, and you should considering using special characters, numbers and capital letters to increase the password strength.
#4 Password storage & 2FA
Many businesses will use multiple software accounts, each requiring its own password. Here, it can help to use secure password storage solution (e.g. LastPass) so staff only need to recall one password to access the others. Make this “vault” extra secure by using a secure “2 factor authentication” (2FA) process, which requires login approval from a designated work device (e.g. a company smartphone). Consider not relying on SMS for 2 factor authentication, as this can be hacked if a malicious individual manages to steal a company phone number. Instead, using an app (e.g. Google Authentor) is more reliable.
#5 Disable bluetooth
Hackers can hack bluetooth-enabled work devices when they are switched on. Turn it off if there is no reason to use it! You are usually safe, however, if there is nobody around you within 30ft. The risk in your office, therefore, is likely lower compared to when working remotely in a public place. You can also improve your security by turning your settings to “not discoverable”.
#6 Invest in good hardware
Old computers and devices run the risk of not being able to support the latest software security upgrades. Keep these up-to-date to ensure you can respond quickly to any cyber attacks. As a general rule, computer hardware should be upgrade at least once every 4 years.
#7 Update your software
There are usually three main reasons why software providers offer updates to their customers: to expand features, fix issues that have been identified and improve security. Although it can be annoying to receive a software update notification, be careful not to simply kick it into the grass. Even an update for a “minor” programme could prevent a major security breach later.
#8 Use firewalls & anti-malware
Dedicated programmes can help identify cyber threats and thwart them. Although they cannot provide complete protection as you surf the web, they significantly raise your protection. Again, these software solutions need to be kept up-to-date as new threats evolve.
#9 Invest in employee training
Is your team aware of how cyber threats could seriously affect them personally as well as the business as a whole? Investing in regular training can help keep the issue on their minds and nurture a workplace culture that implements best practice for cyber security. It only takes one mistake by a single person to create a “hole” in your wider security infrastructure!
#10 Employ a “White Hat” hacker
There are professionals out there who specialise in “white hat” hacking, where you can ask them to try and hack your infrastructure (without causing any damage!) so they can identify weak spots and report back to you. Often, these “drills” can reveal security issues that you never thought you had. Take care, of course, to find a professional with a good reputation as he/she engages in this highly-sensitive exercise.
Interested in finding out more about the exciting startup projects we have on offer to investors here at Bure Valley Group? Get in touch today to start a conversation with our team and discuss some of the great investment memorandums we have available here:
+44 160 334 0827