Guest blog: Cybersecurity – Is your information protected?

Posted by: Alycia Lowdon on May 15, 2017

Have you ever considered a cyber attack to be a risk to your business? In today's global environment cyber security is something everyone should take seriously. Steven Mah, from the Calgary Emergency Management Agency (CEMA), shares some basic information about cyber security and a few tips to help protect your business.  

In May 2016, the University of Calgary was hacked in a ransomware attack that encrypted their email server systems and demanded a $20,000 “ransom” for the decryption key. It disrupted multiple systems, caused headaches for faculty, students and administrators and required significant cleanup.

Unfortunately, this attack on the University of Calgary is not an isolated case. Not only are cyber attacks on the rise, but they are targeting businesses of all sizes. If you have an online presence or even simply use the internet, you and your business are at risk of a cyber attack.

So what should you know about cyber threats and security? Here is a quick introduction to some of the more common cyber threats along with some simple tips to make your business more resilient.

Common cyber threats

Phishing is an attempt to gain access to computer systems, usernames, passwords etc by posing as a trustworthy source. An example might be an email disguised as if it came from your bank asking you to enter your account and password information.

Spear-phishing is a more targeted form of phishing, where personalized information is used in an attempt to access information. Criminals may access social media sites to obtain information (banks, retailers you frequent, etc.) to personalize their attack. The familiarity of the information is an attempt to make you believe the email is legitimate, like an email from a retailer you’ve shopped with asking you to confirm your user id and password.

Malware (malicious software) is any software that is installed on to your computer that may disrupt computer operations, gather sensitive information or gain access to private systems. 

Ransomware is a type of malware that sees malicious software or code installed on computer systems typically encrypting or locking access to critical files. Owners are then asked to pay a “ransom” for the decryption key for access to the files.

Cyber security tips

Education is the best defense against cyber attacks. Take the time to educate yourself and your staff about common cyber threats, the dos-and-don’ts of cyber security and establish clear internet policies.

Backing up files on a regular basis may minimize the impacts of a ransomware attack and will provide you with additional options against the attack.

Be aware of unsolicited emails demanding action and type URLs directly into the address bar instead connecting directly from the link in the email unless you are sure they are legitimate.

Strong passwords should be at least 8 characters in length and contain a combination of numbers, symbols and letters. Passwords should be changed on a regular basis and different passwords should be used for different accounts.

May 15 – 19, 2017 is Business Continuity Awareness Week and we encourage you to continue to educate yourself on cyber security. Visit the Government of Canada’s Get Cyber Safe website  for more information on cyber threats and security as a resource for all businesses.  

Steven Mah is a Business Continuity & Recovery Planner with the Calgary Emergency Management Agency (CEMA), where he develops corporate standards for business continuity excellence and conducts workshops on various aspects of business continuity planning.