Tolulope Olorundero
Joy is an Executive Communications Consultant. Over the past five years, she has worked with up to 10 senior executives managing their LinkedIn and Twitter accounts, and in some instances - their email accounts. Periodically, she attempts to sign into the accounts of the eight executives she no longer serves; shockingly, seven of them have not changed any of their passwords after her contract ended with them.
Simple, but familiar scenarios - right? This is the norm for many SME businesses and senior executives who require external support from consultants and even team members who come and go.
This article, as you read on as a business owner or c-suite executive, is to nudge you to take proactive steps to minimize the possibility of cyber attacks on your business and brand.
Beyond these seemingly trivial examples, the evidence of increasing instances where cybercriminals are unknowingly employed in organisations abound. External cyber attacks are also on the increase daily. But how does one know that one has been a victim of a cyberattack, and what are the likely consequences?
IBM describes cyberattack as unwelcome attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems; while Cisco says it is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.
Key words to note: malicious, deliveration, unauthorised access, information system, individual, organisation
Back in April, officials of the US Department of Homeland security said they disrupted a cyberattack targeting an undersea cable, the kind of infrastructure that keeps 95% of global web users online, according to Bloomberg. In February, electric vehicle charging stations along Russia’s M11 motorway were disabled by the Ukrainian parts supplier whom had been contracted to supply same. The company retained a backdoor access to the control systems and were able to remotely disable the charging stations and started displaying pro-Ukrainian messages in Russia. In 2020, information leaked that several databases of the Federal Government of Nigeria had been hacked.
These are all fairly recent examples of cyberattacks on businesses and countries that caught the attention of people globally. In Nigeria, the records of fraudulent transactions within the banking industry is no longer news. Unathorised access to customers' accounts and monies suddenly disappearing from accounts (Ify Malo's June 1 post on Facebookn gives an interesting account of this phenomenon as well as her subsequent update about how the money suddenly reappeared in the account within 1 hour upon the intervention of an ED) are just some of challenges bank customers face in the country.
So, what is the solution to preventing cyber attacks on your business? I'll reiterate some simple precautions to implement:
- Set up 2-factor authentication on all your passworded accounts - WhatsApp, Facebook, Gmail, LinkedIn - set it up everywhere. I am certain you have experienced or at least seen the effect of a hacked WhatsApp account where the original owner suddenly starts calling around to explain that they have been hacked, and that messages from their number should be disregarded. Don't be that person.
- Change passwords - I know this can be a chore. But each time you work with a third party whom you grant access to your accounts, ensure to change your passwords upon expiration of your transation/engagement with said third party.
- Proper documentations and handover - organisations are unfortunately lax in this regard, and Human Resources professionals must realise that the exit process in an organisation is crucial. Does your company have an Operating System documentation process? What is the process of updating access to sensitive accounts when a staff is exiting? Handover notes must not be superficial; there must necessarily be an inclusion of a technical and digital handover section that is comprehensive and exhaustive.
- Never use obvious, easily guessed passwords - some of my colleagues in Digital Marketing, while discussing this topic mentioned how some executives would insist that they should simply use '12345' or the MD's name as the password. It may be easy for you to remember such obvious passwords - but it would also be easy for a hacker to guess it too.
- Never click strange links - whether they be sent to you by a trusted friend (who may have been hacked), or from a seemingly trusted email account. Take some seconds to read the message, ask yourself key questions, hover your cursor on the sender of the email to ascertain that the name corresponds with the email address asking you to provide or verify personal information.
Don't be greedy - some people get hacked because they want
to get in on deals that are too good to be true, or mentions of a large
financial windfall they did not work for.
In addition to this, it is important for organisations to
begin planning for a Cyber Security Unit/Department. No, your Digital Marketing
Manager or IT manager may not be sufficiently advanced in preventing cyber
attacks on your systems.
Cyber criminals are on the prowl globally. Move a step ahead
and institute preventive measures to keep your organisation safe.
Finally, what has Communication got to do with cyberattack,
you wonder. See, a strategic communications advisor knows that understanding
the business and risks of their clients is a critical component of service
delivery. I am constantly reading and looking out for issues that may evolve
into business crises for organisations. Earlier in the year, I wrote this
article about three of such issues that organisations must prepare for in 2022.
Not all crises are unforeseen. Many are simply the result of
issues-avoidance or inadequate crisis migitation planning.
Tolulope Olorundero, a Strategic Public Relations &
Communications Advisor | Value-Driven Board Member | Global Speaker & Host
| Executive Consultant - PR & Comms | Founder #NGWomeninPR | SDG 4 & 8
Advocate
.jpeg)
.jpeg)
.jpeg)
.jpeg)
0 comments:
Post a Comment