Do you need help & advice with Cybersecurity?
It seems like every week, another business is dealing with the fallout from a cyber attack, and honestly, it’s getting worse. With AI making it easier for hackers to impersonate companies and steal data, if your business isn’t stepping up its cybersecurity game, you’re really putting yourself at risk. This isn’t just an IT issue; it’s a management problem that needs serious attention.
Key Takeaways
- The Real Cost: Ransomware attacks aren’t just about buying new laptops. The average downtime is two weeks, and recovery can cost around £8,000 per employee.
- Basic Tools: Your IT team should already be using things like EDR (Endpoint Detection and Response) and MFA (Multi-Factor Authentication).
- Cyber Essentials is Just the Start: It’s the bare minimum, not the complete solution.
- Microsoft 365 Security: Many setups have gaps in configuration, password policies and device security that need addressing.
- Board-Level Responsibility: This is a business issue, not just an IT one.
- Affordable Improvements: You can make your business more secure without a massive overhaul.
The Growing Threat of Cyber Attacks
These days, it’s becoming alarmingly easy for hackers to get into company systems. They can steal your customer data, lock up your machines with ransomware, and then demand payment. They might even threaten to tell your customers and suppliers that they’ve stolen their information. It’s a scary thought, and unfortunately, it’s a reality for many businesses.
While nothing is 100% foolproof, there’s a lot you can do to stop these attacks from crippling your business. The first step is to stop thinking of this as just an IT problem. It’s a management issue. Business leaders need to understand the risks and draw a line in the sand, deciding what level of risk they’re willing to accept.
Understanding the True Cost
Many people think that if their systems get hit by ransomware, they’ll just buy new computers and be back up and running in a few days. That’s rarely the case. The average downtime from a ransomware attack is about two weeks. And the cost to recover? It’s around £8,000 per employee. Some businesses are only spending about £1 a month per staff member on cybersecurity, and that’s just not enough. You really should be looking at spending about £40 a month per person.
Essential Security Measures
Your IT team should be implementing several key things to protect your business. You can ask them if they’re doing this:
- Security Awareness Training: Every employee should do a short, 3-5 minute training session each month on topics like spotting phishing emails, using multi-factor authentication, and securing social media. They should also receive fake phishing emails to practice identifying threats. This isn’t about catching people out; it’s about training them to recognise risks.
- Endpoint Detection and Response (EDR): This involves systems that monitor your network 24/7, ideally noticing and blocking incidents as they happen. These tools aren’t usually very expensive, costing just a few pounds a month per user.
Beyond the Basics: Compliance and Advanced Tools
Once you have the basics in place, you need to look at processes and compliance:
- Password Policies: Do you have a clear process for resetting passwords, how often they should be changed, and how to create strong ones?
- Equipment Management: What’s your process for buying and disposing of IT equipment? Are you following standards for managing the lifecycle of devices? For example, are you letting people take old computers home with customer data still on them? That’s a huge risk.
- Privilege Escalation Management: This is a more advanced tool that helps manage who can install software or make changes. It allows IT to approve or question requests, so staff aren’t constantly waiting for IT to remote in.
Many IT support companies still focus on just fixing printers and Outlook issues, but that’s not enough anymore. You need proactive support. The good news is that these advanced security measures can often be added to your existing IT setup without needing a complete overhaul.
Securing Your Microsoft 365
Most businesses use Microsoft 365, and there are many security features you can enable. For instance, you can limit the number of emails a user can send per day to prevent mass spamming from a compromised account. This might create a little friction, but it’s a necessary step.
This is why cybersecurity has to be a business decision, not just an IT one. People want things to just work, but the problem with cybersecurity is that it works until the day it doesn’t, and then your business might not exist anymore. It’s far better to invest in prevention than to deal with the aftermath of an attack.
Questions to Ask Your IT Team:
- Are we hardening our systems?
- What is our Microsoft Secure Score, and what is being done to raise it?
- Do we have a process for detecting when a Microsoft 365 account has been compromised?
- Are we using the right Microsoft 365 licenses (e.g., Business Premium or above for better security)?
- Do we have a list of approved applications, and a process for installing new ones?
- Are our systems and software kept up-to-date automatically?
Continuous Monitoring and Improvement
For businesses that need even more protection, there are options like a 24/7 Security Operations Centre (SOC) that uses SIEM (Security Information and Event Management) systems to collect logs and detect problems. There’s also software that monitors your 365 activity, flagging suspicious logins (like logging in from two different continents within minutes of each other) or detecting malicious email rules created by hackers.
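The two detections just mentioned, impossible travel between sign-ins and inbox rules typical of a compromised mailbox, can be expressed as simple checks over exported activity data. The following is an added illustration, not code from the original article or from any Microsoft product. The sign-in events, inbox rules, organisation domain and the 900 km/h speed threshold are all constructed assumptions; a real deployment would feed the functions from a sign-in log or mailbox rule export and tune the thresholds for the tenant.

```python
"""Illustrative Microsoft 365 activity checks over constructed sample data (not real logs)."""
from collections import defaultdict
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0
# Implied ground speed above this cannot be a genuine journey; ~900 km/h is roughly
# airliner cruising speed. Assumed threshold, tune per tenant.
MAX_PLAUSIBLE_SPEED_KMH = 900.0
# Ignore tiny distances so geo-IP jitter within one city never fires an alert.
MIN_DISTANCE_KM = 100.0

# Constructed sign-in events with the fields a sign-in log export typically carries.
SAMPLE_SIGNINS = [
    {"user": "alice@example.com", "time": "2024-05-01T08:00:00Z", "ip": "203.0.113.10",
     "city": "London", "lat": 51.5074, "lon": -0.1278},
    {"user": "alice@example.com", "time": "2024-05-01T08:25:00Z", "ip": "198.51.100.7",
     "city": "Sydney", "lat": -33.8688, "lon": 151.2093},
    {"user": "bob@example.com", "time": "2024-05-01T09:00:00Z", "ip": "192.0.2.5",
     "city": "Manchester", "lat": 53.4808, "lon": -2.2426},
    {"user": "bob@example.com", "time": "2024-05-01T14:00:00Z", "ip": "192.0.2.88",
     "city": "Edinburgh", "lat": 55.9533, "lon": -3.1883},
]

# Constructed inbox rules shaped like a mailbox rule export (assumed field names).
ORG_DOMAINS = {"example.com"}
SAMPLE_RULES = [
    {"mailbox": "alice@example.com", "name": "..",
     "forward_to": ["external-recipient@mail.example.net"], "delete": True, "move_to": None},
    {"mailbox": "bob@example.com", "name": "Invoices",
     "forward_to": [], "delete": False, "move_to": "Invoices"},
    {"mailbox": "carol@example.com", "name": "",
     "forward_to": [], "delete": False, "move_to": "RSS Feeds"},
]
# Folders users rarely open, so mail moved there is effectively hidden from them.
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                  "archive", "junk email", "deleted items"}


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dlat, dlon = p2 - p1, radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(p1) * cos(p2) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(a))


def _parse_utc(ts):
    # Older Pythons reject a trailing "Z", so normalise it to an explicit offset.
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def find_impossible_travel(events, max_speed_kmh=MAX_PLAUSIBLE_SPEED_KMH):
    """Return one alert per consecutive sign-in pair whose implied speed is impossible."""
    by_user = defaultdict(list)
    for e in events:
        by_user[e["user"]].append(e)
    alerts = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: _parse_utc(e["time"]))
        for prev, cur in zip(evs, evs[1:]):
            dist = haversine_km(prev["lat"], prev["lon"], cur["lat"], cur["lon"])
            hours = (_parse_utc(cur["time"]) - _parse_utc(prev["time"])).total_seconds() / 3600
            # Two far-apart sign-ins at the same instant is the extreme case: infinite speed.
            speed = float("inf") if hours == 0 else dist / hours
            if dist > MIN_DISTANCE_KM and speed > max_speed_kmh:
                alerts.append({"user": user, "from": prev["city"], "to": cur["city"],
                               "distance_km": round(dist, 1), "minutes": round(hours * 60, 1),
                               "speed_kmh": round(speed, 1),
                               "ips": (prev["ip"], cur["ip"])})
    return alerts


def suspicious_inbox_rules(rules, org_domains):
    """Flag rules that forward outside the organisation, delete mail, hide it, or have no real name."""
    findings = []
    for r in rules:
        reasons = []
        external = [a for a in r.get("forward_to", [])
                    if a.rsplit("@", 1)[-1].lower() not in org_domains]
        if external:
            reasons.append("forwards to external address(es): " + ", ".join(external))
        if r.get("delete"):
            reasons.append("deletes messages")
        if (r.get("move_to") or "").lower() in HIDING_FOLDERS:
            reasons.append(f"moves mail to rarely-read folder '{r['move_to']}'")
        name = r.get("name", "")
        if not any(ch.isalnum() for ch in name):
            reasons.append("rule name is blank or punctuation only")
        if reasons:
            findings.append({"mailbox": r["mailbox"], "name": name, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for a in find_impossible_travel(SAMPLE_SIGNINS):
        print("impossible travel:", a)
    for f in suspicious_inbox_rules(SAMPLE_RULES, ORG_DOMAINS):
        print("suspicious rule:", f)
```

Run stand-alone, the script flags Alice's London-to-Sydney pair (roughly 17,000 km in 25 minutes) while Bob's Manchester-to-Edinburgh trip over five hours passes, and it flags the two rules that forward externally, delete mail or hide it under an unreadable name. Each heuristic is deliberately explicit so the thresholds can be argued about with the IT team rather than buried in a vendor dashboard.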
Cybersecurity is a constant battle, and it’s only going to get tougher. You need a solid process and you need to move much faster than you have in the past. Investing in security now is significantly cheaper – potentially 50 times cheaper – than dealing with a cyber incident. Businesses that have good incident response plans and have worked with their IT teams are much better equipped to recover quickly with less impact.