If history’s a guide, a coming recession’s going to increase cyber threats worldwide. Is your business prepared?
In late 2009, the United States economy began what would become the longest sustained period of expansion in history. Most of the world followed. In the process, the global technology industry has flourished, finishing the economic transformation from an industrial to an information-based one. The good times have gone on so long that many in the business world have all but forgotten what happened during the financial crisis that preceded it.
During that period, technology investment all but stopped. Well-known companies went out of business. Consumer spending came to an abrupt halt. If the same thing happened again, experts predict that parts of the tech industry would be hit hard this time around. That’s not the biggest problem, though.
The real threat is the effect that a recession would have on cybercrime. Last time, there was a giant spike in botnet activity and digital extortion attempts worldwide. The next time, there would be an even bigger army of tech workers sitting idle, which would be a recipe for disaster. With today’s economic indicators flashing unmistakable warning signs, time’s running out for businesses to get serious about cybersecurity. Here’s an overview of how they can get ready for a recession-fuelled wave of cybercrime.
Retire Legacy Technology
The potential for an uptick in cybercrime couldn’t come at a more inopportune time for businesses. That’s because January will mark the official end-of-life of Microsoft’s widely-used Windows 7 operating system. Despite repeated warnings to upgrade by the Redmond, Washington computing giant, a staggering 79% of business networks still contain at least one Windows 7 machine. That’s going to create one enormously – and impossible to defend – a target for hackers if a recession hits.
The first step in preparing for such an eventuality is to create an action plan to retire technology that’s reaching an end-of-life status. Failing to do so will leave a gaping hole in any organization’s data security, and can’t be allowed. The same holds true for in-house server deployments, which still exist in 98% of all businesses. With Windows Server 2008 retiring at the same time as Windows 7, it’s well past time for businesses to consider migrating to cloud services running on up-to-date hardware and software.
Increase Cyber Security Training
It’s a well-documented fact that a business’s own employees represent the single greatest threat to their data’s security. The fact is, though, they don’t have to be. With the right training and data security policies in place, a business’s workforce can be their greatest asset in the fight to stay secure. The first step is to create a comprehensive and mandatory cybersecurity awareness training program.
This can be accomplished in conjunction with in-house IT staff, or by contracting with a reputable online training provider. Either way, an overall data security policy should be created, with the training designed to give employees the knowledge they need to follow it. If feasible, it’s also a good idea to follow Google’s example and issue security keys to staff members to stamp out the danger posed by phishing scams.
Staff up IT Departments
Despite the mission-critical nature of the work that IT departments do for companies of all sizes, they’re chronically understaffed. Surveys have indicated that this is the case in 42% of all large companies. The situation among small businesses is even more desperate. In a depleted and overworked state, these IT departments don’t stand a chance of maintaining data security when threats become more determined and frequent.
It should be considered a business-critical task to remedy this problem. An effort must be made to increase recruitment to fill open IT positions and to make sure that a well-rounded team is in place. Of particular importance is bringing a cybersecurity expert into the fold, to manage efforts on that front. If that proves difficult, designate an existing IT staffer to the role and provide them with the training needed to become an expert in the cybersecurity field.
Act Now or Pay Later
Nobody can know when the next recession is going to take hold. When it does, though, it will be too late for businesses to shore up their cyber defences to meet the coming challenge. With the economic signs all pointing toward trouble ahead, though, now is the time to take action. Implementing the steps mentioned here and seeking the help and advice of the IT professionals who will form the core of the defence is a great place to start.
Of course, every company will have different needs and face different threats. There’s no one-size-fits-all solution to cybersecurity. The basics, though, will never change. So stay up to date, enforce and empower employees, and give understaffed IT departments the manpower they need to be effective in their work. It’s a small price to pay to avoid disaster when a business can least afford it – in the midst of an economic storm.