Christmas is a time for rest, festivities, and…. cybercrime. Sadly, hackers will not be relaxing this holiday season. Bad actors all across the world are gearing up for the next ‘Christmas hacking season.’ As online shopping grows in popularity and businesses ‘wind down’ for the holidays, this period becomes a veritable feast for cybercriminals.

Christmas is the worst time of year for many businesses to be hit by a cyber-attack. Not only is it demoralising, but it also means that employees will have to work overtime to investigate the hack and repair any subsequent security gaps. Additionally, because Christmas is a high trading season for many businesses, a security breach might have a significant financial impact on sales. This could result in a tarnished reputation, the inability to be successful during a period of high spend, or even the company going bankrupt.   

Every year during the holiday season, the United Kingdom sees about a third of all global attacks on online shops. If statistics from around the world are taken into account, the total number of cyber attacks worldwide is estimated to be approximately 50 million during the Christmas period.  For example, if your e-commerce website suffers a security breach, your shoppers may be unable to purchase Christmas gifts and may opt to shop elsewhere. After all, time is of the essence, and can customers truly trust your website to handle their financial information safely? 

Salt’s Top Tips on how to protect your organisation this Christmas:

Build an incident response plan:

Even though a cyber-breach isn’t on your Christmas wish list, it’s crucial to be prepared in case the worst happens. The extent to which you respond to a breach can make the difference between a slight setback and going out of business. You must have a tried-and-true plan in place to minimise business downtime and important data loss.

By using a secure communications platform such as Salt which is routinely used by organisations across the globe to fulfil their incident response requirements. Salt’s secure communications platform allows customers to transmit important information to their employees in a time of crisis. Crucial information will not get missed with one way communication channels for employees to act upon. Our technology will override silent and do not disturb settings to ensure urgent situations are dealt with immediately through an external safe haven communications network. 

Have a BYOD policy in place:

A powerful, intelligent, and widely dispersed mobile threat is assembling its forces in preparation for an attack on your network before the end of the year. It’s migrating from store shelves to hiding spots under millions of Christmas trees, where it’ll start stealth attacks, in a steady stream.

In today’s workplace, bring your own device (BYOD) is an irresistible force. It is now possible to create very restrictive networks that are essentially immune to BYOD. In fact, regulatory compliance is required for specific functions in particular businesses. However, there are specialised exceptions. People expect and even require the usage of personal mobile devices in the office in most workplaces.

As the effects of the coronavirus pandemic continues, many businesses were forced to allow employees to use personal devices for work. However, your firm must implement an efficient BYOD security posture to decrease the danger of data loss, device penetration, or a network breach. This should include ensuring that software is up to date, setting security controls, encrypting data, and ensuring that the device can be remotely wiped if it is stolen or hacked. To make sure that staff follow the appropriate procedures, it is critical to foster a culture that is focused on Cyber Security best practices.

Make sure all passwords are updated:

Employees should avoid using pet names, their date of birth, family names, their favourite vacation spot, and so on when it comes to password policies. Despite the fact that a simple birthday post may appear harmless, hackers can obtain a great deal of information from your social media accounts. 

The moral of the story is to avoid oversharing online, to keep accounts private, and to use unique and randomly generated passwords for each account. You can use a company-wide password management to limit the possibility of your staff using weak and recycled passwords, and ensuring that current passwords are changed on a regular basis.

Educate employees on the increase of phishing scams:

Phishing is a type of fraud in which a hacker impersonates a genuine brand and directs users to a malicious website in order to obtain personal information or credentials. Not long ago, phishing was exclusively targeted at customers, and malware was thought to be the most serious threat to organisations. Phishing is the most common social attack on enterprises today, accounting for more than 75% of all security breaches. 

Do you have confidence that your employees will not fall victim to phishing scams? Education around phishing is especially crucial during the holiday season, when scams are more common and employees often let their guard down as the season winds down. Phishing simulation tests are a useful technique to assess fraud awareness on a regular basis. It’s an opportunity to detect security flaws and put your personnel training to the test in a real-world setting.

Cybersecurity isn’t just for Christmas:

Cyber attacks against businesses, individuals, and organisations have increased dramatically over the holiday season. While security is more relevant and necessary at this time of year, the truth is that cybersecurity is important all year. This necessitates a continual examination of a company’s risk profile as well as the new tactics utilised to target clients. Organisations and individuals will be better protected against existing and emerging cyber dangers if they act and acknowledge this. 

To discuss this article in greater detail with the team, or to sign up for a free trial of Salt Communications this Christmas contact us on info@saltcommunications.com or visit our website at saltcommunications.com.

About Salt Communications:

Salt Communications is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. Salt Communications offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. Salt is headquartered in Belfast, N. Ireland, for more information visit Salt Communications.