06 August 2019

Entrepreneur Cyber Hygiene

As digitalization advances, information security threats to every business are growing. Ukraine is vulnerable to hacker attacks: not only the financial and transport systems but also small businesses suffer from them. How can information be protected from external influences?

Virus is force majeure

Cyber risks took second place among all business risks, according to Allbiz polls. But entrepreneurs have already forgotten about the catastrophic consequences of last year’s Petya A virus attack. “For the first 2-3 months there were massive requests for cyber audits; now they are isolated,” says Vitaliy Yakushev, 10Guards operations director. At that time, more than 3,000 entrepreneurs turned to the Kyiv Chamber of Commerce and Industry asking for help in documenting the virus attack as force majeure that had prevented them from fulfilling their agreements.
Over the past year and a half, significant changes have finally occurred in Ukraine. The law "On the Basic Principles of Ensuring Cyber Security of Ukraine" was adopted, which classified the types of cyber threats. The Anti-Crisis Center for Cyber Security of Business was established at the Kyiv CCI as a public-private partnership. As a result, a virus attack can now be officially confirmed as force majeure by the Kyiv or regional chambers. But it is more profitable not to wait until this happens.

Cyber resistance

“If you are on the Internet, you are already at risk,” warns the chairman of the Committee on Electronic Communications at the Ukrainian CCI, Vladimir Kolyadenko. According to Yakushev, the typical risk points are:

  • enterprise management systems (AUSUP, ERP);
  • customer communication systems (CRM);
  • financial reporting, inventory control and inventory;
  • Internet banking, remote banking services;
  • automated process control systems (process control systems, SCADA);
  • web applications, portals, online stores, electronic payment systems, etc.

Losses can be either direct (stolen money) or indirect: downtime of business processes or of the enterprise as a whole, and data loss. The victims of cyberattacks are not only large and medium-sized businesses, but also web resources, small businesses, and individual entrepreneurs. The attackers' goal can be profit, revenge, self-affirmation, training, or competition. More often than not, negligence or ignorance helps them. According to IBM, 95% of information security incidents are caused by human factors.

The rules of cyber hygiene are simple, says Roman Shirshov, an expert at GS "CyberKovcheg":

  • Install a firewall and do not let strangers in with their flash drives
  • Test all software before installation, especially free software
  • Update the software to the versions recommended by the manufacturer (updates are usually where manufacturers fix vulnerabilities)
  • Train staff to “keep watch” over information
  • Use complex passwords / password and access management systems
  • Encrypt everything possible
  • Make backups regularly

Access control should depend on a person's position in the company and on their goals and objectives. Some recent cases illustrate why: an offended administrator took access to a bakery's list of counterparties; competitors bribed a secretary and took the director’s laptop with company data; thieves sent a fake letter asking to change the password to a bank account.

Anatoly Klichich, secretary of the Anti-Crisis Center for Cyber Business Protection at the Ukrainian CCI, notes: “Generation Z carries the greatest risks for business cyber security, according to an IT report. 34% of young people aged 18-24 (the so-called digital natives who have been using gadgets since childhood) said they did not understand what was included in the cybersecurity policy. And it is likely that they will not comply with the rules of their company.” Generation X employees are the most cyber-safe.

Alexander Lipsky, head of Lipsky marketing group, advises asking yourself the following questions to minimize the human factor:

1. Does the enterprise have an approved procedure for using IT resources: the procedure for installing and using software, storing and protecting information, the frequency of creating backup copies, employees' access rights to servers, the procedure for using work computers and telecommunication networks, removable media, digital signatures, and so on?
2. Does the enterprise have a digital archive of documentation: scanned copies of contracts and accounting documents?
3. Does the company provide remote access to the accounting database in case of emergencies and failure of corporate servers?
4. Do the servers have cryptographic protection and two-factor authentication?
5. Is all mail in the “cloud”?
6. What is stored on employees' work computers?

You can check the cyber security of your business right here or here.

Business security depends on how and which people use technology!