Like it or loathe it cybersecurity is something you need to be on top of if you are running a small business. One wrong click and you can open yourself up to a whole ball of hassle at best anda financial loss at worst. But then I shouldn’t be ‘scaremongering’ you into reading further, as today’s cybersecurity expert explains, it’s nothing to fear, it’s something to become passionate about.
Andrea Manning most certainly is passionate about what she does. “They say that when you find something that sizzles your bacon you’ve found your dream job, and I have to say cybersecurity sizzles my bacon, I absolutely love it,” she exclaims. “The stories and the intrigue, it’s all so exciting – it’s all psychology, it’s all human. It’s not tech, 90% of the data breaches are down to human error.”
It’s that interest in human error which prompted Manning to start up her own company Data Influence helping small businesses to understand GDPR and to improve on their cybersecurity.Recognising a gap in the market, where smaller businesses were not being catered for when it came to companies delivering cybersecurity courses to large organisations, Manning set about designing her own programme allowing SMEs a slice of the pie.
Calling it CyberPie she says, “I’ll be teaching small businesses cybersecurity and GDPR one bite at a time with my very positive approach – taking away the doom and gloom normally associated with this area. You have to build a security mindset, you can’t do it in one shot, there’s no silver bullet, just build it one little byte at a time.”
Manning is currently in Phase Two of the Enterprise Ireland New Frontiers programme which is preparing her to launch her new offering on the 4th of May. But, until the cybersecurity force can be with you, she has very kindly given us three easy way we can protect our data and our business today.
Read your emails and texts aloud.
The act of reading out aloud you emails and texts will make you pause and think before acting. All phishing emails raise an emotion whether it’s anger, fear, urgency, or curiosity. What if your bank account has been hacked, or you are about to lose your Facebook account, or if you don’t click now you are about to miss out on this one time offer? Any kind of raised emotion is a sign that it’s a phishing email. So, if you read it out aloud you might pick up the errors in the message, and just the act of pausing will stop you clicking before you have identified if it is safe to do so. The five emotions they’ll play on is greed, curiosity, urgency, helpfulness, or fear. If any of these emotional reactions are triggered as you read the message aloud step back, it’s a red flag.
Be wary of one-time passwords or codes.
Look out for the WhatsApp one-time passwords scam. Somebody tries to take over your WhatsApp account by asking for a password reset. You will get a code sent to your phone saying that you tried to reset your WhatsApp account and here is the code. They will then call you with an automated phone message telling you someone has tried to hack your account and you should have received a one-time passcode, which of course you did. They will ask you to read it and as soon as you do hand over that ‘one-time password’ they can take over your account. If you have not requested a one-time password, in any situation, never give that code to anyone, if someone calls looking for it just hang up.
Install a password manager.
Some of these are free and some are only €3-5 a month, a small price to pay for password protection. The three main ones Manning recommends are Dashlane, LastPass and 1Password. Signing up to a password manager is one of the best things you can do because the biggest problem is password reuse. You can check how secure, or not, your email address and passwords have been on the internet by checking in Have I Been Pawnd? The website will tell you if your email address has been involved in any data breaches and also how many times your password has been exposed (you can check passwords here).If you are using the same email and password for everything once they take it from one account, for example, your Dropbox, they will enter it into a programme to try it against Netflix, Zoom, Mailchimp and all the rest, until they get in somewhere. They are not even hacking by doing this, they are simply just logging in. You must use different passwords for everything. It is hard to make secure passwords and manage them all - a password manager does all of that for you.