Industry experts the world over are in unanimous agreement – cybercrime is, beyond question, on the rise. In a recent poll, the majority of business owners cited online crime and hacking as the primary danger facing their firms, while the costs associated with cybercrime in 2021 topped out around $6 trillion (and are predicted to reach $10.5 trillion by 2025).
As companies increasingly come to rely on their data, IT services and networks, so the risk to firms operating online in any capacity will continue to increase.
How online criminals are targeting smaller firms
Within the global business community there is an unfortunate truth that many firms are either oblivious to the dangers they face online or are too complacent to address them. Where once hackers targeted their resources at larger companies, there has been a worrying trend over recent years to go for smaller operators – mostly because lower-revenue, smaller firms often believe they don’t provide sufficient temptation for online criminals. Unfortunately, the truth couldn’t be more different and Small to Medium-sized Enterprises (SMEs) have become one of the top targets for cybercriminals – with many of these attacks taking place over email, often playing on our innate human want to trust.
How to address your email service’s security gaps
With so many risks associated with email communications, companies are slowly starting to implement increased security provisions to help protect themselves from malicious attacks. Here are just a few ideas you could try:
Encrypt your emails: Email encryption can be done in one of two ways, and is one of the most secure ways to protect your mail. Transport-level encryption encrypts messages only during the transit phase (i.e. server to server) while end-to-end encryption adds another level of protection by requiring log-in credentials (even once the email has arrived at the recipient’s inbox). It’s worth remembering, if your company operates in certain sectors (i.e. healthcare), you must employ end-to-end encryption to protect your patients’ health information (thereby leading to a HIPAA compliant email in line with government standards).
Employ Two-Factor Authentication (2FA): Another extremely successful way to protect your email from unwanted access is to employ Two-Factor Authentication (often simply referred to as 2FA). If you’ve used any modern banking online services recently, you’ll probably already be familiar with the concept of 2FA – a process where a code is sent to your cellphone to gain access to an app or other similar online service. 2FA works so well because, while it’s possible your account details might have become compromised, it’s very unlikely the attacker will also have access to your mobile device.
Limit email forwarding: Often, it’s very tempting to just hit the ‘forward’ button and send an email to another client or associate without considering the sensitive information that may be contained in the email thread. This can happen when it comes to both work and private emails where you might disclose information never intended for the next recipient. By limiting your email forwarding habits and, instead, opting to copy/paste relevant text into a new email, you will greatly reduce the chances of compromising your private information.