As most entities look to advance their technology infrastructure post pandemic, cybercriminals are on their own digital transformation journey. Trends like remote work, Internet of Things (IoT), bring-your-own-device (BYOD) and cloud initiatives have given hackers new ways to infiltrate your organization by exponentially expanding the attack surface. Technologies like artificial intelligence (AI) and machine learning (ML) have given hackers new tools to distribute malware, vector in on high-end targets and reach bigger and more diverse audiences. And as these technologies evolve, cybercriminals are becoming increasingly stealthy, sophisticated and evasive.

Each year, businesses lose hundreds of millions of dollars as a result of cybercriminal activities, but the damage is not just monetary. Businesses’ reputations are at risk. Cybercrime costs are expected to increase 15% each year through 2025, with annual costs predicted to reach $10.5 trillion, according to Cybersecurity Ventures.

Recent ransomware attacks that temporarily shut down the Colonial Pipeline in the U.S. and JBS, a worldwide meat processing company, illustrate what is at stake. Millions of consumers were impacted by gas shortages as Colonial was offline for several days, and the attack on JBS threatens to raise meat prices in several countries.

Cybercriminals add new cards to their deck every year, and the rate of cybercrimes continues to multiply. The continuing rise of cyberattacks will keep the online landscape at risk for the foreseeable future. Here are some steps technology leaders can take to minimize cyber risk, and its impact on the data they manage, and keep cybercriminals at bay:

• Install or update antivirus software. As we approach 2022, malicious actors are changing rapidly and viruses are becoming stronger; that’s where antivirus software proves to be your first line of defense. A trusted and updated antivirus program is a must to protect your network from modified viruses and malware.

• Enable a firewall. Activating a firewall is necessary to block unauthorized access to your network. It blocks shady sites and keeps filtering traffic that arrives on your network. If anyone tries to attempt anything illegal on the network, the attempts will fail and be blocked.

• Set up a VPN (virtual private network). Remember that with each passing day cybercrimes are getting more sophisticated. Cybercriminals might use technical skills to access your network for phishing purposes, data theft, privacy breaches and more. Therefore, connecting to a VPN is essential to keep your network traffic encrypted. Moreover, using a VPN with a router gets you network-wide protection for a multitude of devices like smart cameras, Xbox, Firestick TV, and other IoT devices.

• Do not click on unknown hyperlinks. Always look carefully at what you click. Many hackers incorporate a payload in a URL. When you click on the malicious URL or download a file, the payload gets to sleep in the system and activates when triggered to easily monitor your browsing activities, passwords and other confidential data. It may lead to a severe data breach or identity theft.

• Turn off browser autofill. When you turn on browser autofill, your name, number, email, and address is saved in the browser field. The information can be easily tracked when your system gets hacked. Therefore, always turn off your browser autofill option. In addition, do not provide your personal information anywhere unless it is important.

• Use parental control software. Using parental control software is an essential precaution for kids’ online safety. With parental control tools, parents can monitor children’s online activities. It also helps parents to limit websites that children can access, ensuring a safer and well-protected environment.

• Do not use hotspots for financial transactions. Hotspots or public Wi-Fi networks are extremely vulnerable to cybercriminals and should be avoided for confidential online activities like financial transactions or business communication.

• Do not make your social posts public. It is not wrong to say that your social media account is the door to your life. Anyone can browse your social accounts to check your personal life, i.e., home address, pet name, close friends and much more. Such information can help hackers guess the answers to security questions protecting your accounts, putting your online security at risk. The best bet to avoid such exposure is to make your social posts accessible to close friends only. Moreover, try not to share information on social mediums.

• Never use the same account passwords. Your account security mainly depends on the password that you are using. If you use the same password for all your accounts, chances are good that all your accounts will be hacked if one gets compromised. Therefore, try to frequently change your passwords and make them complex by adding numerals, capital letters, or symbols.

• Activate multi-factor authentication. Websites and banking platforms must emphasize enabling multi-factor authentication. Organizations can also use a digit key that is directly linked with the user’s smart phone. It is the best way to stop hackers from breaking into sensitive accounts.

• Routine vulnerability scanning. Use routine penetration testing and vulnerability scanning to identify flaws before cybercriminals do. Review your technology infrastructure periodically for changes or suspicious content.

• Data security compliance. Privacy laws often dictate security protocols around how data is sent, stored and disposed of. Check what needs to be done in your industry and ensure associated criteria are met.

• Education. Hackers are not the only ones who can gain power from information. By educating yourself about the types of scams that exist on the Internet and how to avert them, you are putting yourself one step ahead of the cybercriminals. Since phishing is prevalent, read up on the latest phishing scams and learn how to recognize a phishing attempt. Remember, phishing is when hackers attempt to lure you into revealing personal information by pretending to be a legitimate organization or person. These scams often play off major news stories, so keep informed on the latest news-related scams.

• Use common sense. Despite the warnings, cybercrime is increasing, fueled by common mistakes people make such as responding to spam and downloading attachments from people they do not know. So, use common sense whenever you are on the Internet. Never post personal information online or share sensitive information such as your Social Security number or credit card numbers. Exercise caution when clicking on any links or downloading any programs.

• Be suspicious. Even if you consider yourself cyber savvy, you need to keep your guard up for any new tricks and be proactive about your safety. Back up your data regularly in case anything goes wrong and monitor your accounts and credit reports to make sure that a hacker has not stolen your information or identity.

Although protecting yourself takes some effort, there are a lot of resources and tools to help you. By adopting a few precautions and best practices, you can help keep cybercrime from growing.

Copyright © 2022, CBIZ, Inc. All rights reserved. Contents of this publication may not be reproduced without the express written consent of CBIZ. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein.

CBIZ MHM is the brand name for CBIZ MHM, LLC, a national professional services company providing tax, financial advisory and consulting services to individuals, tax-exempt organizations and a wide range of publicly-traded and privately-held companies. CBIZ MHM, LLC is a fully owned subsidiary of CBIZ, Inc. (NYSE: CBZ).