Four security insights to stay safe this festive season

Employees are often the first line of defence and need to play their part to ensure holistic protection. File picture: Pexels

Employees are often the first line of defence and need to play their part to ensure holistic protection. File picture: Pexels

Published Dec 19, 2023


It’s that time of year when businesses begin winding down for the holidays, employees are setting their out of office messages and people are starting to say, “We’ll touch base in January.” While many organisations will be taking a break over the next few weeks, cybercriminals will be ready to take advantage of the more relaxed behaviours and habits that characterise this time of year.

As teams start to book their leave and plan skeleton staff duties, it’s this shift in dynamics that creates an opportune environment for cyber threats.

With this in mind, it’s an important time for organisations to fortify their cybersecurity measures and ensure the protection of sensitive data and systems.

Maintain good cybersecurity hygiene

While cybersecurity solutions are built to keep organisations and their data safe, employees are often the first line of defence and need to play their part to ensure holistic protection. It’s a good time to remind staff about good cybersecurity hygiene and encourage them to stay safe while online.

Simple habits such as double-checking attachments and links received on email can go a long way to preventing an attack. Trend Micro’s latest research found that there was a notable increase in spam attachments during the first half of 2023 with the leading spam attachment file type being PDFs followed by EXE, DOCX, DOC and HTML. Rather be more suspicious of file attachments, especially if they come from unknown email addresses. By taking a moment to see who the email is from, employees and their organisations can ensure they prevent these threats from entering their network.

The same applies to links embedded in emails. At this time of year, many of us are receiving marketing emails about must-have gifts or a discount on this or that. It can be tempting to click on these links, but it’s safer to head directly to the retail site through the browser rather than clicking in the email and accidentally heading to a phishing website.

Don’t become a ransomware victim

Trend Micro’s October research found that the number of ransomware incidents in South Africa increased by over 40% between September and October. Ransomware groups continue to update their tools and techniques to ensnare unsuspecting victims. It’s a sophisticated and organised industry that has cybersecurity professionals constantly on alert.

Taking proactive steps will help to prevent and mitigate the impact of ransomware attacks. Organisations need clear visibility across their network to provide their IT teams with a complete view of the attack surface and the assets that need to be protected. Adopting the right solutions, such as attack surface risk management and extended detection and response (XDR), can help to meet an organisation’s unique cybersecurity needs. This approach supported by a Zero Trust strategy establishes the right foundations in reducing the risk within any organisation against ransomware attacks.

Follow the 3-2-1 backup rule

It can be terribly demoralising to have made headway on a project only to lose all the work due to a cyberattack. To make sure that no data is lost over the holiday break, stick to the 3-2-1 backup rule. Create three backup copies on two different media with one of the backups in a separate location.

Regular backup processes supported by cloud infrastructure can help prevent cyberattacks disrupting an organisation’s operations in the event of a data breach, attack or lost device. IT team can then easily access and restore the lost information and allow teams to get back to work seamlessly.

Accept that update

Before employees log off and close their laptops for the year, make sure they have the latest security updates. Rather than ignoring or hitting snooze on that security reminder, encourage staff to click accept as soon as it appears. While some employees might see these downloads as a speed bump during their day, these software changes often have important security patches that need to be applied to address vulnerabilities and prevent an attack.

With the arrival of the festive season, organisations are presented with a unique set of challenges when it comes to maintaining a robust security posture. By ensuring the right safeguards are in place, organisation can navigate the holiday season with confidence and resilience.