Having just managed to fight our way through a grueling two years plus of the Coronavirus pandemic, we are now plunged into the horrors of the Russian invasion of Ukraine. Right now, the Cybersecurity and Infrastructure Security Agency have issued strong recommendations for businesses to ensure their cybersecurity is increased to protect against the very real threat from the Ukraine situation.
We have a duty to keep you as cyber-safe as possible. So, the following gives you the information, so you can make an informed decision on what you want to do.
How can the Russian invasion of Ukraine impact my business?
The fallout from war always brings financial burden, but there comes an ever more direct risk that your business is facing. Geographically you may be many thousands of miles from the direct warzone, but your business can still be affected. Forbes recently released an article and accompanying video stating, “Destructive Russian cyberattacks could cost U.S. billions of dollars in economic damage.” Organizations are being urged to accelerate plans to raise their cyber-resilience. What was good enough yesterday, really is not good enough anymore. One of our clients has already been targeted by a Russian Phishing Attack.
Cybercrime is increasing rapidly, with highly intelligent cyber experts, who are specialists in getting into systems. They are relentless in their attacks and tend to strike in your business’s downtime: holidays, night-time, weekends. You need to make sure you have safeguards in place 24/7/365.
But how will Cyber Attackers get into my systems?
There are many ways that cybercriminals can gain access, but as Cloud solutions, and specifically Microsoft, are the main business systems across the world, it’s important to make sure any weak areas are covered.
Microsoft 365 is an excellent business solution, but the most sophisticated software is only ever as good as its users. This will always be your weak spot. You can’t be on top of your staff 24//7/365, making sure that they don’t click any bad links, turn off multi-factor authentication, etc. You know users shouldn’t use their business accounts for personal use, but are you sure they stick to this 100% of the time?
Cybercriminals will lurk in systems, waiting for the right time to strike. They want your information, and they’ll do everything possible not just get it but also keep getting further access until you give them what they want.
Do you use apps that link with your Microsoft 365?
I know this sounds confusing and you’re probably thinking, ‘I have absolutely no idea.’
The fact is that you probably are. They exist in basic everyday business programs like Calendly, Docusign, Microsoft 365 remote backup, and more. The problem arises when cyber criminals decide to reference these common programs to attempt to gain access.
They send convincing but fraudulent emails with messages requesting users to take action to upgrade/secure/enhance the purported software. All the user must do is follow the simple link and it’s all done. Your staff will never know they’ve done anything wrong, and neither will you, but what they’ve just unknowingly done is granted cybercriminals access to all of your systems.
But I educate my staff, so they’d never fall for this!
Educating your staff is the first step to avoiding data breaches, but it’s not always enough. We’ve seen members of all sectors get caught up in cybercrime because they clicked on an ad or submitted personal information without realizing what was happening behind the scenes – even when you think computer training would fix this type of problem! We are all vulnerable to our emotions and cybercriminals will use this to their advantage.
So, what can I do to protect my business?
Since the Russian invasion and increase in cyber attacks, America’s Cybersecurity and Infrastructure Security Agency recommends that if you are using Microsoft 365, you: “Assign a few trusted users as electronic discovery managers to conduct forensic content searches across the entire M365 environment (Mailboxes, Teams, SharePoint, and OneDrive) for evidence of malicious activity.”
We know the sheer extent of having staff doing this, even if you knew how to, would be exhaustive and totally prevent you from getting on with your fundamental business operations.
Be in control – know what’s going on 24/7/365
We have invested in Security Monitoring Software for Microsoft 365. It will do all of this for you 24/7/365. Yes, even when you’re sleeping soundly in your bed or enjoying quality time with your loved ones. You will be rapidly alerted if anything suspicious is spotted so it can be dealt with before any damage can be done. Alongside alerts, you can see everything that is going on in your Microsoft 365 systems, with clear, detailed reports, showing key security information.
You will be in control, leaving nothing to chance!
What’s the next step?
Don’t let the Russian invasion lead to your business being breached. If you want to make sure your systems are protected as soon as possible, reach out to us today, the Tampa Cybersecurity Provider experts, to get started. Read more about the rest of our cybersecurity stack on our Information Security page. The tools are here, the choice is yours.