5 protective measures your employees can take to counter cyber-attacks

Your organization is not invincible from the threat of a cyber-attack.

Did you know? Between January and July of 2022 alone, there were 11,367 cybercrime cases recorded in Malaysia.

Of the 11,367 cybercrime cases:

4,912 cases involving losses of up to RM 199.8 million were done through Macau scams, impersonation, or fraud calls.
5,397 cases involving losses amounting to RM 71.6 million were done through e-commerce crimes.
543 cases involving losses of up to RM 40.6 million were carried out through e-financial fraud or phishing.

Other cybercrimes involved non-existent loans, online purchases, online investments, African scams, Business Email Compromised and SMS fraud.

Don’t let your organization or employees fall victim to these notorious scams. Having a cybersecurity specialist as the first line of defense against malicious hackers is great, but these are five nifty tips which can help strengthen and secure your personal information and assets in the digital sphere.

1) Guide your employees on how to spot suspicious emails

Phishing emails have become more sophisticated over time, resembling professionally written emails. The fraudulent email could lead to unwanted consequences if compromised and can spread malware through links in the message.

It is always encouraged to host a training session with your employees to guide them to spot suspicious emails, even if they seem to come from a reputable source but have a funny-looking or unfamiliar email address.

Alternatively, if your organisation has a dedicated IT department, encourage employees to reach out to IT personnel to test-out the legitimacy of certain emails which seem sketchy.

Providing examples of suspicious-looking messages would be helpful too and get your employees to practice detecting phishing emails from those that aren’t.

2) Create a strong password

Sometimes, the most effective way to prevent a cyber-attack from happening or advancing is to create a strong password. When setting out a password, always follow this golden rule:

Must be at least eight characters long.
Have an uppercase and lowercase letter.
Have a symbol
Has a number (numeric)

3) Set strict rules regarding sensitive business information

Many cyber-attackers use social engineering and technical subterfuge in an attempt for individuals to give up their personal information and transfer money to the assailant using scare tactics.

Set out a strong personal data protection policy and have new employees within your organisation undertake security training before they begin accessing the organisation’s devices (such as desktop or laptop). According to the CEO of Black Talon Security, Gary Salman, he discourages business from sharing logins for network and software. Using one username and password for all employees (particularly for smaller businesses) should also be avoided.

4) Strengthen physical security of company and personal devices

Top-secret and highly confidential files and important company assets should always be stored in high-security file server rooms, where unauthorized access is refused to strangers. If a potential hacker can infiltrate a business and access a terminal, penetrating a network becomes much easier for them.

5) Remind your employees to secure their data and devices

You may send gentle and friendly reminders to your employees to always be wary and vigilant of suspicious-looking or phishing emails. Doing a follow-up training is also helpful or testing them by sending out a suspicious looking email to see if they would react properly following the training session.

If you would like to learn more about security measures to prevent your organization’s data or assets from being compromised by cyber-attackers, check out our latest blog article here: The Human and Organizational Costs of a Cyber-attack – New Horizons Malaysia

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.