You might associate October with scary ghouls and goblins, but it’s the nonstop cyberattacks that are most frightening. Thankfully, October is National Cybersecurity Awareness Month (NCSAM), a time when security professionals come together to share tools and resources to mitigate threats and attacks.

If you think your business is fully prepared, consider this: The number of companies impacted by a cyberattack continues to grow, and the human attack surface is expected to reach 4 billion people by 2020.

Whether acting unwittingly, carelessly, or maliciously…

Employees are the weakest link in your security chain. If employees understand how to stay safe online, they can play a more active role in protecting the organization and its most critical information from cyber threats.

With an increasingly alarming number of breaches attributed to social engineering scams like phishing, October is the ideal time for companies to reflect on their employee online security posture and practices that include:

1. Surf wisely. Using social media and other websites, attackers can collect a wide range of valuable information about companies and their employees. Employees should review their corporate Internet use policy to mitigate risky, unauthorized behavior.
2. Secure passwords. In a majority (81 percent) of breaches, hackers are successfully leveraging either stolen or weak passwords. Encourage employees to use complex passwords that include a combination of numbers, symbols and upper and lowercase letters.
3. Mix it up. Victims of cybercrime aren’t always aware that they’ve been targeted, so remind employees to change their passwords every 45 to 90 to avoid a breach.
4. Keep secrets. Careless employees are the most likely cause of 74 percent of cyberattacks. Employees should never share passwords, user names or other access codes to colleagues, contractors, friends or family members.
5. Avoid phishing. By successfully gaining access through a phishing attack, criminals can install malware, exfiltrate sensitive data or gain control of systems. Employees should never open emails or attachments from unknown contacts or companies.
6. Ask before connecting. Anyone or any device that is connected to the internet can be hacked. Employees should seek IT approval before connecting or installing personal software or hardware to corporate networks.
7. Back it up. Ransomware attacks lock users out from their files. Protect IP by backing up company data and files with electronic and physical copies.
8. Speak up. Scammers use very sophisticated social engineering tactics that can fool a lot of end users, including executives. Employees should report any strange suspicious online behavior to their IT department.

Recognizing the threat is the first step in preparing to prevent an attack, yet 87 percent of SMBs feel they aren’t at risk.

Resilient Intelligent Networks is a Fortinet partner qualified to use Fortinet Security Fabric to keep your business secure online. Whether it’s understanding the technology you need to prevent attacks or applying the employees tip card to your workforce, we can help. Contact us to learn more.