How can companies defend against cyber-attacks?
- Protect against cyber attacks
- Measures in case of emergency
The danger of cyber-attacks on medium-sized companies and thus also on purchasing is high. According to a study by the German Federal Office for Information Security (BSI), around 60% of all German companies were targets of cyber-attacks in 2020. According to the global Allianz Risk Barometer 2023, risk managers in companies are most afraid of IT system disruptions and business interruptions. The survey polled 2,712 risk management experts in 94 countries. Among them were CEOs, risk managers and insurance experts.
Many companies have made supply chains more robust in recent years and are better protected against cyberattacks. However, there are still companies that do not adequately protect themselves from cyberattacks due to a lack of capacity. We have therefore summarized below the most important measures that companies and buyers can take to defend themselves against cyber-attacks and what to do in the event of an emergency.
- Training and awareness: Buyers should educate themselves about the different types of cyberattacks and their methods and conduct regular training to increase security awareness.
- Use of security tools: Buyers can also use security tools such as firewalls, antivirus software and email security solutions to protect their data and networks. In addition, operating systems and programs need to be updated regularly. To ensure this, companies should maintain a complete inventory of all company IT. In addition, all devices and routers should be equipped with a firewall.
- Backing up data: Buyers should regularly back up data and ensure it is stored on external hard drives or in the cloud.
- Collaborate with IT: Buyers should work closely with IT to ensure all security measures are properly implemented and kept up to date.
- Secure home office: Employees who work from home need secure access to the corporate network, for example, via a VPN client.
- Caution with email attachments and links: Everyone in the company should be careful about which email attachments and links they open, especially if they come from unknown senders.
- Use strong passwords: Buyers should use strong passwords and change them regularly.
What should companies do if they’ve been attacked?
- Shut down: Immediately shut down the network or affected systems to prevent further damage.
- Investigate: Investigate the attack to determine the nature of the attack and the extent of the damage.
- Risk Analysis: Conduct a risk analysis to prevent future attacks.
- Recovery: Restoring affected systems and data.
- Notification: Notifying law enforcement and/or a cybersecurity expert for assistance in investigating the attack.
- Communication: Informing customers and other affected parties of the attack and the actions taken.
- Security update: Review and update security measures to prevent future attacks.
Companies should have this checklist ready as a contingency plan.
Tel.: 0211 941 984 33
Pempelforter Str. 50