Cyber threats are rising in the finance sector: What can you do to protect yourself?
6 Nov, 2024
Protect your business from rising cyber threats
Cyber threats are a part of modern business.
They can’t be abolished completely.
Where attackers see an opportunity for quick rewards, businesses face the risks.
And the threat is rising for every business.
Last year, security breaches increased by nearly 75% compared to 2021.
Being aware of cyber threats is a must, as the consequences of falling victim to them can be dire.
The damage is not limited to financial and data losses: the reputational harm of failing to protect your own, or your customers’, sensitive data can be severe.
In this blog we’ll highlight the current biggest cyber threats you may face as a business, and provide actionable tips on how you can protect yourself.
What are the most common types of cyber attacks businesses now face?
Cyber attacks come in many forms. They can be directed at infrastructure, poking for holes in order to get into your sensitive information. Or they can be directed at people in order to obtain login details or personal, financial information directly from the source.
These are some of the most common types of cyber attacks your business faces today:
The threat within - are you and your team putting your business at risk?
While external cyber threats remain the biggest challenge for businesses, another threat exists that is just as dangerous but often goes unnoticed.
This is the threat within your business.
Nearly 70% of cyber breaches in 2023 involved a “non-malicious human element” according to a study by Verizon.
These were simply people falling victim to a social engineering attack, or making a mistake.
Lack of awareness and education poses a significant problem for businesses trying to protect themselves from online attacks.
These are a few things to think about when it comes to keeping yourself safe:
What a cyber breach could mean for your business
The consequences of being the victim of a cyber breach can be immediate, with long-lasting implications.
Financial losses
It’s estimated that cyber crime could cost the global economy more than $10 trillion by next year.
And with the average global breach costing a reported $4.88m, protection is critical to any business’s survival.
Even small losses can cause long-lasting disruption, while larger financial losses can be enough to end a business.
Productivity losses
According to Statista, it takes an average of 194 days to identify a breach in 2024.
The same dataset found that companies needed another 64 days to contain the breach.
Uncovering and containing a breach can often mean pausing business-critical systems, or rebuilding them, while the issue is taken care of. This can have a serious impact on productivity and, ultimately, profits.
Fines and penalties
Data protection has become a much bigger issue from a legal standpoint, with the General Data Protection Regulation in the UK one example of legislation aimed at improving data protection and management.
Fines and penalties under these regulations can be significant (up to €20m or 4% of global turnover in the case of GDPR).
In the US, the Federal Trade Commission can impose fines on companies that fail to maintain proper security. These penalties can be up to $40,000 for each violation (with each day of non-compliance considered a separate violation).
And this would be on top of any financial losses incurred from a breach.
Reputational damage
Imagine the impact it would have on a customer’s confidence if you became the victim of a cyber breach.
Would they be more or less likely to trust you with holding or processing their information?
The reputational damage from a successful breach is one of the most severe consequences of cyber crime.
You risk losing current clients or customers, whose data may have been compromised along with yours. A breach can also harm your ability to attract new customers in the future if they view you as a security risk.
How to protect your business from cyber threats
While the environment of cyber security may seem alarming, there are some things you can do to protect yourself.
Avoid using public wifi for business purposes
Public wifi networks aren’t secure, meaning anyone within range can access the network and use it to access your data.
One of the most common attacks of this type is the “man-in-the-middle” attack, in which a hacker gets between your device and the server and intercepts your data, or even sends you to fake websites to collect information.
Cyber criminals also set up fake wifi networks that appear genuine in order to trick users into signing up and handing over sensitive information.
This can be a problem if, for example, you have staff working from coffee shops or airports on publicly available wifi, as these locations are prime targets for cyber criminals.
Install antivirus or anti-malware
Security software should be a basic part of your cyber security and should be installed on all devices you use to do business.
Modern security software automatically updates in order to meet new and emerging threats to keep your sensitive financial information secure.
These systems work in the background to identify, block and remove viruses and other malware that could put your information at risk.
Some carry more advanced features such as remote wiping, which allows you to erase data on a machine remotely if it is lost or stolen.
Protecting your business from typosquatting & phishing
Phishing emails are one of the most common forms of cyber attack.
They’re usually sent to elicit an action (like sending a payment) - often using a false sense of urgency to panic the user into the action.
Always verify
Before doing anything with an email, always verify that the email has come from an official source.
While phishing emails can differ, they often contain many of the same elements:
If you ever receive an email claiming to be from Stenn asking you to take an action, like giving you payment instructions, do not act until you’ve confirmed the email is legitimate.
The easiest way to do this is by contacting our support team or your account manager.
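The following Python example is added here and is not part of Stenn's systems. It shows one way a mail filter could flag sender domains that imitate a trusted one, which is what typosquatting relies on. The trusted domain comes from the support address on this page; the substitution table, function names and sample addresses are assumptions constructed for illustration.

```python
import unicodedata

TRUSTED = {"stenn.com"}  # taken from the support address on this page

# Small illustrative set of look-alike characters (digits and Cyrillic letters).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s",
                             "\u0435": "e", "\u043e": "o", "\u0455": "s"})

def skeleton(domain: str) -> str:
    """Canonical form in which visually similar domains compare equal."""
    d = unicodedata.normalize("NFKC", domain).lower().translate(CONFUSABLES)
    return d.replace("rn", "m").replace("vv", "w")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a bare sender address."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    for trusted in TRUSTED:
        if domain == trusted or domain.endswith("." + trusted):
            return "trusted"
    skel = skeleton(domain)
    for trusted in TRUSTED:
        # One typo away, or identical once look-alike characters are folded.
        if edit_distance(skel, skeleton(trusted)) <= 1:
            return "lookalike"
        # Brand name used as a label inside a different domain.
        if trusted.split(".")[0] in skel.replace("-", ".").split("."):
            return "lookalike"
    return "unknown"

# Constructed sample addresses, not taken from real mail.
SAMPLES = ["cs@stenn.com", "cs@stemn.com", "cs@st\u0435nn.com",
           "cs@stenn.com.pay-portal.example", "sales@example.org"]

if __name__ == "__main__":
    for sender in SAMPLES:
        print(f"{sender!r:45} {classify_sender(sender)}")
```

A "lookalike" result is a reason to hold the message and confirm through a known contact before acting; an "unknown" result says nothing about whether the sender is legitimate.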
Protecting your business against credential harvesting
There are a number of ways to combat credential harvesting:
Two factor authentication
This is often referred to as multi-factor authentication or two-step verification.
It simply involves using two forms of ID to access a system or file. For example, using a login on a computer, and entering a passcode sent to a mobile phone. This means that if an attacker is able to get one of your IDs (for example manages to obtain your password), they still couldn’t access your information without the other form of authentication.
Avoid using public wifi networks
Remote working has increased the likelihood that you or your team will log in to public wifi while working away from the office.
These networks are not secure. Even those requiring passwords often have the password displayed in public view.
Public networks can also be shared with bad actors, which might expose your sensitive information further.
If you or your team urgently require internet access but only have options for public wifi, a safer option can be to use your phone data until you’re able to access a secure network, or use a reliable VPN to create a secure connection.
Avoid untrusted devices
Many businesses allow employees to use personal devices for work.
But these Bring Your Own Device (BYOD) policies come with severe risks.
A big risk is you can’t be sure the user has kept their device updated with the latest security software, or even the latest operating system.
Unknown devices can also have applications downloaded on them that may not have high security standards.
Any app with lower security standards is a potential door to a cyber criminal.
Invest in trusted antivirus software
Anti-virus and/or anti-malware software should be installed on any device you use for business.
This software can help to identify and block threats to keep your information secure.
Most modern software includes automatic updates and proactive protection to find and block security breaches before they become an issue.
Use strict password management
Passwords shouldn’t be repeated across accounts.
Using the same password for all of your accounts (or even more than one account) has the potential to be catastrophic for your cyber security. Use and encourage your team to use different passwords for each account or system required.
Use a password manager
Password management software allows you to store any password securely and removes the risk of employees storing passwords on their own devices in a Word document or other file that could be easily accessed.
Use a strong password
Avoid using personal identifying information like names and birthdays, as criminals can easily guess these. According to Microsoft, a “strong” password has:
- At least 12 characters, but more than 14 is better
- A combination of uppercase and lowercase letters
- Numbers and symbols
Protecting your business against false partnership claims
If you receive a phone call, email or any communication from anyone claiming to be a partner of Stenn and requesting that you share information with them - do not share anything.
Contact us through our customer support team or your account manager and we can verify any information about our partners.
Be aware and keep yourself secure
We’re committed to the safety and security of your sensitive data, and take proactive steps to keep that information secure.
If you ever have any concerns about the security of your Stenn account or are concerned about the validity of any communications you’ve received from us, contact our customer support team on cs@stenn.com.
About Stenn
Since 2016, Stenn has powered over $20 billion in financed assets, supported by trusted partners, including Citi Bank, HSBC, and Natixis. Our team of experts specializes in generating agile, tailored financing solutions that help you do business on your terms.