A cyber incident is any event that affects your stored information or your IT resources and could significantly harm your business. The range of cyber incidents is large and includes malware infections, blackmail, theft of confidential data and misuse of bank accounts.
What does the term “cyber incident” mean in detail?
Along with business interruptions, cyber incidents are among the biggest business risks worldwide, according to the Allianz Risk Barometer 2019. Cyber incidents can themselves lead to business interruptions, for example if they affect production facilities, lock computers or delete servers. For an individual company, a cyber incident can cause high costs. According to Allianz, the average reported damage in Germany is two million euros.
Common types of cyber incidents are:
- Infections by programs that lock one, several or all computers and demand a ransom, after payment of which the lock will allegedly be reversed (which is not always the case)
- Infections of programs that contain important information, for example resulting in the deletion of customer data
- Accidental or malicious deletion of your data by employees or former employees
- Phishing (fraudulent emails)
- Social engineering (information theft by abusing a relationship of trust, often using people invented solely for this purpose)
Where do cyber incidents occur in my daily work?
Unfortunately, a cyber incident can be encountered at many points of your working day. For example:
- After a careless click on a link in an email
- After opening an email attachment containing malicious software
- After connecting a USB stick brought by a customer
- After connecting a privately used smartphone to the corporate WLAN
The consequences can be significant and cause great damage to your company.
On the positive side, your day-to-day work offers many opportunities to protect your company from damage caused by cyber incidents through deliberate action.
What can I do to protect myself from cyber incidents?
Effectively minimizing the different types of cyber incidents is a comprehensive task, but every action helps, whether it starts with you personally, with the entire staff, in the server room, or on the network. For example:
- As a principle, do not click on links in emails. Instead, deliberately take the detour via the browser.
- View email attachments with great distrust. If necessary, check the origin independently of your email program (e.g. by phone).
- Try to avoid off-site or private USB sticks as much as possible.
- Set up a separate Wi-Fi network in your company for devices that are also used privately, such as smartphones.
Further interesting information can be found at:
- Further information and findings from the Allianz Risk Barometer 2019 www.allianz.com/en/presse/news/studien/190115_allianz-risk-barometer-2019.html
- Internet Crime Guidebook of the police of Lower Saxony with explanations and options for action www.polizei-praevention.de/themen-und-tipps/pc-gesperrt-ransomware.html
- IT Security at the Workplace topic page from German Security on the Net www.sicher-im-netz.de/it-sicherheit-am-arbeitsplatz
- On the botfrei website you will find security tips, programs for checking suspicious files online, as well as first responder programs, such as for removing malware www.botfrei.de/de/index.html