Protecting Your Business Against Holiday Cyber Threats: Essential Precautions and Best Practices

Similar to the summer holidays, the Christmas season often prompts companies to ease up, inadvertently lowering their guard. Considering that 90% of cyberattacks utilize email as the primary mode of intrusion, and with numerous emails flooding our inboxes daily, a momentary lapse, like opening a malicious attachment, could prove catastrophic.

To avert any unwelcome surprises, it's crucial to establish robust security practices before heading on holiday or when working in solitary at the office.

Don't post on social media that the office is closing:

Cybercriminals engage in social engineering by scouring professional social networks to pinpoint targets. They extract specific details like your role in the company, your connections, and the projects you publicly discuss.

Unwittingly, you divulge a treasure trove of business information. Publicly announcing your absence provides cybercriminals with assurance that you'll be absent during a potential intrusion attempt.

Worse yet, in a CEO fraud scenario, someone could impersonate you and manipulate an employee into disclosing sensitive information. Hence, rule number one for a secure holiday season: refrain from broadcasting your absence on social networks!

Reiterate essential cybersecurity practices to your employees:

During this critical period, employees can often be the weakest link in a company's security policy. Take the opportunity to reinforce good cybersecurity practices among your staff:

• Always verify the email sender's identity.
• Seek advice if you have the slightest doubt about a suspicious attachment.
• Avoid responding to requests that come from outside the company domain.
• Refrain from connecting any unauthorized USB flash drive

If you are not using your workstation, turn it off:

Cybercriminals often propagate through a company's network by moving from one machine to another, termed as "lateral movement." If you're away from your desk and don't require your machine to be operational, it's advisable to turn it off. By doing so, in the event of a cyberattack, your machine won't be compromised, plus it helps conserve electricity.

• Avoid keeping the default administrator password on your printers:

While many companies allocate substantial resources to safeguard their network with firewalls, protect workstations using antivirus or EDR, and secure messaging through anti-phishing solutions, there's a critical oversight often missed: securing printers. Surprisingly, some of the most significant cyberattacks originate from such oversights.

If it is not already done, remember to change the administrator password of your printer connected to the network, you will avoid having an unpleasant surprise when returning from vacation.

Imagine, despite all precautions, your company falls victim to a cyberattack. How should you respond?

Firstly, stay composed. Swift action increases the chances of halting the threat. Establish a crisis management process detailing various scenarios, from simpler incidents like downloading a malicious attachment without opening it to critical situations where all computers are encrypted by ransomware, paralyzing operations.

Document this plan on paper. It should outline each step's role and a list of actions to undertake within the initial minutes, the first hour, and the subsequent three hours.

Conduct an inventory of sensitive data, ensuring regular, comprehensive backups are available. If your company lacks the technical expertise to reinstall infected machines or cleanse the IT infrastructure, prepare a contact sheet of individuals to reach out to in emergencies.

Remember to write this on paper because your email and all of your computers have been encrypted and you will not be able to access your contacts.

Make sure you have all the phone numbers of your employees to allow you to communicate on a messaging solution such as Facebook messenger or WhatsApp if your company's telephone systems has been hit.

The more prepared you are to deal with this situation, the more likely you are to save your business. Figures from our 2023 Secuirty Navigator report indicate 60% of SMEs close within 6 months after being hacked.

To feel at peace while on leave, you must be able to answer these four questions:

• How often is your company's data backed up?
• Where are they stored?
• Is all the data critical to the operation of your business saved?
• Are you prepared for any type of event (cyberattack, fire, natural disaster)?

To answer these questions, we recommend that you adopt the "3-2-1 backup" strategy. This consists of having at least 3 copies of all your essential data to restart your activity. These backups must be stored on two different devices such as a hard drive, dvd, usb stick, NAS or on cloud storage. And one of these backups must be stored away from your company's site.

With this strategy, you will be able to handle the situation by reinstalling the infected machines.

Applying good practices may prevent you from having to deal with a security incident between Christmas and the New Year. So, ask yourself the right questions before going on holiday!

Unfortunately for us, this period is also conducive to internet scams. So be careful when you make Christmas purchases on e-commerce sites that you are not used to. This is the period that delivery companies such as Colissimo, UPS, Fedex, DHL or DPD are also regularly impersonated. Be catious with the text messages and emails you receive asking you to pay money to receive your package.

Finally, keep in mind that your bank will never ask you to reset your access, or to connect to your customer account through an email.

After reading this guide, you can now fully enjoy the magic of Christmas protected against any cyber risks!