Digital marketing is an ever-growing industry that is constantly changing, developing and adapting to match current trends. Given that the digital marketing industry is online-focused and reliant on information systems, there is a huge risk of your systems being hacked, leading to potential downtime, data breaches or financial fraud.
To prevent this from happening, companies need to be investing time and money in securing their digital platforms.
Do you know why cyber security is so important in our industry?
Is My Website At Risk?
Protecting your website is of paramount importance when it comes to your digital strategy. Poorly configured websites are an easy target for hackers and criminals, and a hacked website could lead to financial loss, damage to reputation and regulatory fines.
Some of the most common forms of cyber-attacks on websites include:
Cross-site scripting – this is when hackers inject malicious code into your website in order to infect or steal data from people who visit it.
SQL injection attacks – when attackers send commands to online forms or search boxes. If your site is poorly configured, these commands can give hackers access to the databases behind your website, this tactic was used in many high-profile data breaches.
Denial-of-Service attacks – when hackers or hacked systems bombard your website with traffic in the hope of bringing it down.
Password attacks – passwords can be cracked, especially if they are easily guessable or a simple dictionary word. Cyber-criminals have tools which can bombard a site with viable passwords in the hope of gaining entry to the back-end.
Once an attacker is into the configuration pages of your site, they can run wild!
How Can I Protect My Website?
The vast majority of websites these days use the WordPress platform. Did you know that a few simple configuration changes, such as altering the ‘wp-admin’ login string from the URL, or using lengthy and secure passwords can help fend off password attacks?
Likewise, out-of-date plug-ins make your site vulnerable to attack, so update these as regularly as you can. Two-factor authentication (2FA) should also be a serious consideration for your systems, whether it be your website, email, CRM or social media accounts.
This is when you get a pin code text to your mobile, or create a code in an app such as Google Authenticator. Often 2FA is available and free, yet many businesses never bother to enable it.
If you can enable 2FA – do it!
You should also consider placing your website behind a web application firewall (WAF). This essentially puts your site behind a virtual wall which inspects traffic going to it, blocking nasty injection and cross-site scripting attacks. The system will also regularly scan your site for malware or downtime and prevent denial-of-service attacks.
Good Call and Protos Networks offer a website security package which offers this functionality to a number of our customers – please get in touch with us if you’d like to find out more information.
What About Encrypting Data?
Your customers are the most important entity to your business. If you have no customers then you have no business – and you gain customers after building trust.
One way to build trust with your customers is to ensure that their traffic is encrypted when they visit your website.
This is done by installing a digital certificate on your website (a method often referred-to as SSL or HTTPS). This certificate is digitally signed by a trusted authority on the internet, and ensures that the session between your visitor and your site is encrypted.
Not only is this incredibly important for protecting any information sent and received, but it can also help your search engine rankings and prevents users seeing that annoying ‘this website is not secure’ warning when they visit.
Does It Affect Emails?
If you use a computer, it’s almost certain that you would have come across a spam email.
Email is still the favourite tool of cyber-criminals for distributing malware or sending fraudulent invoices to defraud businesses. It is estimated 1 in every 131 emails contains malware, and that 67% of all malware globally is delivered by email.
There are a number of ways businesses can protect themselves from email spoofing, email accounts being hacked, spam and malware. Ensuring strong passwords and 2FA on email accounts is an obvious starting point, but businesses should also look to put email filters in place to block spam and malware.
Your IT admins can also enable features on your domain which can prevent spoofing and will also ensure your emails don’t get sent straight to junk at the other end.
Should I Be Worried On Social Media?
Often overlooked, businesses should look to protect their social media accounts. These accounts can be hijacked and could seriously damage your brand.
Your social media accounts should be protected in the same way your website or email systems are – with secure passwords, restricted access to only those who need it and two-factor authentication – many social media platforms now have this feature as an option
Social media is also a vehicle used by hackers to manipulate their targets – a method known in the industry as ‘social engineering’. By pretending to be a reputable person or business, attackers could dupe you into handing over valuable information, passwords or by enticing you to click on a malicious link. Keep your wits about you on social media!
You need to take steps to prevent your company’s accounts from being compromised. In addition to protecting your accounts from hacking, you need to monitor employee access to your accounts and secure your account passwords.
– Yoav Vilner, Social Media Examiner
Protecting Your IT Systems
Your internal IT systems are also a target for attackers. By getting access to your local network, PCs or servers, cyber-criminals can not only steal data, but can also wreak havoc and seriously impact business operations.
For example, the average downtime from a ransomware attack is 33 business hours.
Consideration should therefore be given to implementing robust cyber security inside your business.
This could include investing in security hardware and software, ensuring that your systems are regularly patched and making sure they are securely configured. A great first step on your cyber security journey could be the government-backed Cyber Essentials scheme.
This scheme has been developed by the National Cyber Security Centre (NCSC) and ensures businesses are implementing fundamental security controls. It is estimated that when properly implemented, the Cyber Essentials standard can protect against up to 80% of common internet-borne cyber-attacks.
Protos Networks is a licensed Cyber Essentials certification body and can help you achieve the certification. You can find out more about the scheme here.
So, What Is The Conclusion?
As you can see, a lack of cyber security controls can have some dangerous knock-on effects for your business, leading to financial loss, data breaches and serious reputational damage.
By ensuring your digital systems are secure, you can build trust with your customers and focus on the elements of your business that matter most.
If you would like to speak to an expert please fill in the contact form below.