Cybersecurity is a major concern for businesses of all sizes and sectors. According to a report by IBM, the average cost of a data breach in 2023 was $4.4 million, [1] and the average time to identify and contain a breach was over 280 days. Moreover, cyberattacks are becoming more sophisticated and frequent, with ransomware, phishing, denial-of-service, and other types of attacks posing serious threats to the security and reputation of businesses.
However, there is a way to protect against 99% of these attacks: cyber hygiene. Cyber hygiene is the practice of following basic security principles and habits to reduce the risk of cyberattacks. According to the UK National Cyber Security Centre (NCSC) [2], most cyberattacks exploit basic vulnerabilities that can be easily prevented or mitigated by following simple cyber hygiene practices.
For example, using multi-factor authentication (MFA) can prevent unauthorised access to online accounts, even if the password is compromised. MFA is an authentication method that requires the user to provide two or more verification factors to gain access to a resource, such as an application, online account, or a VPN. MFA usually incorporates a password, but it also incorporates one or more additional authentication factors, such as something you have (e.g. a smartphone, or a secure USB key), or something you are (e.g. a fingerprint, or facial recognition).
Apply Zero Trust Principles
Zero trust principles are a set of guidelines that help you design and implement a secure network that assumes the network is hostile and verifies each access request against an access policy. Zero trust principles include:
- Verify explicitly: Always authenticate and authorise based on all available data points, such as user identity, location, device health, service or workload, data classification, and anomalies.
- Use least-privilege access: Limit user access with just-in-time and just-enough access (JIT/JEA), risk-based adaptive policies, and data protection to help secure both data and productivity.
- Assume breach: Minimise blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.
By applying zero trust principles, you can significantly reduce the risk of cyberattacks and data breaches and improve the performance and efficiency of your network. Zero trust principles can help you achieve a higher level of security, compliance, and trust in your network and data.
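An added example, not from the original article or any vendor product: a minimal policy decision function showing how the three principles above combine into one per-request check. The roles, resources, trusted countries, anomaly threshold and grant lifetimes are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample policy data (assumptions for illustration only).
ROLE_RESOURCES = {"finance-analyst": {"ledger", "invoices"}, "helpdesk": {"tickets"}}
TRUSTED_COUNTRIES = {"GB", "IE"}
GRANT_TTL = {"internal": timedelta(hours=4), "confidential": timedelta(minutes=30)}

@dataclass(frozen=True)
class AccessRequest:
    user: str
    role: str
    resource: str
    classification: str   # "internal" or "confidential"
    mfa_passed: bool
    device_compliant: bool
    country: str
    anomaly_score: float  # 0.0 = normal, 1.0 = highly unusual

def evaluate(req: AccessRequest, now: datetime):
    """Return (decision, reasons, grant_expiry) for one access request."""
    # Least privilege: unknown roles and unlisted resources are denied by default.
    if req.resource not in ROLE_RESOURCES.get(req.role, set()):
        return "deny", ["role is not entitled to this resource"], None
    # Verify explicitly: every signal is checked on every request.
    reasons = []
    if not req.device_compliant:
        reasons.append("device is not compliant")
    if req.anomaly_score >= 0.8:
        reasons.append("anomalous behaviour")
    if req.classification == "confidential" and req.country not in TRUSTED_COUNTRIES:
        reasons.append("confidential data requested from untrusted location")
    if reasons:
        return "deny", reasons, None
    # Adaptive policy: a missing second factor triggers step-up, not silent access.
    if not req.mfa_passed:
        return "step_up", ["MFA required"], None
    # Just-in-time access: the grant expires; unknown labels get the shortest lifetime.
    ttl = GRANT_TTL.get(req.classification, min(GRANT_TTL.values()))
    return "allow", [], now + ttl

NOW = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)  # fixed clock for the demo
BASE = dict(user="alice", role="finance-analyst", resource="ledger",
            classification="confidential", mfa_passed=True,
            device_compliant=True, country="GB", anomaly_score=0.1)

def demo():
    cases = {"normal": {}, "no_mfa": {"mfa_passed": False},
             "bad_device_abroad": {"device_compliant": False, "country": "US"},
             "wrong_resource": {"resource": "tickets"}}
    return {n: evaluate(AccessRequest(**{**BASE, **d}), NOW) for n, d in cases.items()}
```

Calling `demo()` returns the decision for four constructed requests; the short expiry on the allowed grant is what limits the blast radius if that session is later compromised.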
Use Extended Detection and Response (XDR) and Antimalware
If you want to protect your devices and data from cyberattacks, you need to use both extended detection and response (XDR) and antimalware software. XDR and antimalware are complementary solutions that work together to provide comprehensive security for your network, endpoints, cloud, and applications.
XDR is a security solution that uses multiple data sources such as endpoints, networks, identity, and cloud environments to detect and respond to cybersecurity threats. XDR collects and correlates data from different security layers, providing greater visibility and context into the threat landscape. XDR also uses automation, artificial intelligence, and machine learning to identify, analyse, and remediate threats in real time, reducing the workload and complexity for security teams.
Antimalware is security software that blocks viruses and other types of malware from infecting your devices and data. Antimalware scans your devices and files for malicious code and removes or quarantines any threats it finds. Antimalware also provides protection against ransomware, spyware, adware, and other types of malware that can compromise your privacy and performance.
By using both XDR and antimalware, you can achieve a higher level of security and resilience against cyberattacks. XDR and antimalware can help you prevent, detect, and respond to threats faster and more efficiently, and reduce the risk of data breaches and downtime.
Keep Up to Date
Patching out-of-date systems is the process of applying software updates or fixes to close security holes found in the products. These security holes, also known as vulnerabilities, can be exploited by attackers to compromise the systems and data. Patching out-of-date systems can significantly reduce cyber risk, as most cyberattacks exploit basic vulnerabilities that can be easily prevented or mitigated by following simple cyber hygiene practices. [3]
However, patching out-of-date systems can also pose some challenges, such as:
- Availability and compatibility: Some systems and applications may no longer receive security updates from the developers, especially if they have reached their end of life or support. This means that they will remain vulnerable to new threats and attacks. Furthermore, some systems and applications may not be compatible with the latest patches, which can cause performance issues or errors.[4]
- Cost and complexity: Patching out-of-date systems can be costly and complex, especially for large and distributed organisations. It may require dedicated resources, tools, and processes to identify, test, and deploy patches across the network. It may also involve downtime, disruption, and user training.[5]
- Human error and resistance: Patching out-of-date systems can also depend on human factors, such as user awareness, behavior, and preference. Some users may not be aware of the importance of patching or may not follow the patching policies and procedures. Some users may also resist patching, due to fear of losing data, functionality, or familiarity.[6]
Cyberattacks are a serious threat to businesses of all sizes and sectors, and can cause significant financial, operational, and reputational damage. However, by following simple cyber hygiene practices, such as using multi-factor authentication, applying zero trust principles, implementing XDR, and educating employees about cyber threats, businesses can protect against 99% of cyberattacks, according to the UK National Cyber Security Centre.
We hope you found this blog useful and informative. If you have any questions or feedback, please feel free to leave a comment below or contact us. Thank you for reading and stay safe!
[1] Cost of a data breach 2023 | IBM
[2] Understanding vulnerabilities – NCSC.GOV.UK
[3, 4, 5, 6] Device Security Guidance – NCSC.GOV.UK