Blog Post
December 19, 2023 | Cybersecurity education
6 cybersecurity tips for the holiday season and beyond
By Field Effect
The holiday season is one of the busiest times for many businesses. It was estimated that American consumers spent $270 billion at retailers and e-commerce sites during the 2022 holiday season alone.
Unfortunately, this is the same season when businesses have to rely on fewer employees and cybersecurity personnel. The combination of increased business traffic and reduced availability of technical support staff makes the holidays an ideal time for cybercriminals to strike.
According to a 2023 report by IBM, data breaches cost businesses in the United States an average of 4.45 million per attack, a figure that has steadily increased. From malware and ransomware to phishing emails or data theft, cybercriminals have many avenues to bring businesses to a screeching halt.
To properly protect a business from malicious bad actors in the digital sphere, it's important to understand the nature of evolving cybersecurity threats and the best ways to mitigate them.
Read on to learn more about the fundamentals of improving cybersecurity at your business over the holidays and for years to come.
Why cybercrime increases during the holiday season
To develop improved cybersecurity countermeasures at your company, it can help to first understand how hackers and digital intruders think.
While cybercriminals pose a threat to companies all year round, threat actors often double down on attacks during the holidays to improve their chances of success.
Here are some main reasons businesses often see an uptick in cybercrime during the holidays.
1. Fewer staff detecting and investigating suspicious activity
Many employees take time off work around the holidays to be with friends or family. This includes on-site or remote staff responsible for addressing network issues, preventing intrusions, and accelerating recovery. With fewer employees to monitor suspicious activity during the holidays, cybercriminals may have an easier time remaining undetected.
Business owners and managers will often travel over the holidays as well, potentially leading to fewer important discussions or reminders about cybercrime. This can leave organizations especially vulnerable to threat actors.
Meanwhile, if business owners or managers are out of town when an attack occurs, it could lead to delays in the response and recovery process. Cybercriminals appreciate delays, as it gives them more time to access sensitive data or cause further damage.
2. Higher email traffic conceals phishing attempts
As many businesses see a surge in sales and customer requests over the holidays, the number of incoming emails increases proportionately. This surge in email traffic can lead to overlooked phishing or otherwise malicious emails.
Although spam filters on email accounts will typically block a majority of obvious fraudulent activity, cybercriminals too are increasingly better at avoiding detection.
For example, threat actors may use personalized information, such as the names of key people within a company, to make an email appear legitimate. In addition, cybercriminals have learned how to deploy malware in emails by attaching files through Google Drive or Dropbox to avoid sandbox inspection of documents.
3. Higher probability of businesses paying ransoms
Since many businesses are often busy with increased sales and consumer traffic over the holidays, many cybercriminals see this as an opportunity to deploy ransomware.
This is what happened to American meat giant JBS over the 2021 Memorial Day weekend, as cybercriminals managed to freeze the company's networks using a form of malware. To ensure a quick recovery, JBS paid 11 million in Bitcoin to restore their systems.
Since many businesses are already strained and short-staffed during the holidays, some may feel more obligated to pay ransoms to keep operations running smoothly, especially if the business costs of not paying outweigh the price of the ransom.
4. Increased chances of acquiring valuable data
The retail eCommerce market in the U.S. brought in nearly $228 billion in sales over the 2022 holidays. An increase in sales naturally leads to an increase in private data, including credit card transaction information or customer contact details.
For threat actors, launching a successful cyberattack over the holidays can provide a much more substantial payoff in terms of private data or identity theft.
But it's worth also noting that data exfiltration isn't always the end goal. Cybercriminals may turn around and extort businesses after stealing customers' private data.
For example, following a data breach at one community college in Hawaii, the decision was made to negotiate payment with the cybercriminals to avoid releasing the private information of some 28,000 individuals.
Tips for improving cybersecurity at your business
It's no secret that today's interconnected world continues to pose unique risks for companies big and small. While the range of cybersecurity threats can seem daunting, there are several ways businesses can protect themselves from malicious activities.
Here are six straightforward and effective ways to bolster your organization's cybersecurity.
1. Improve cybersecurity training for employees
A well-informed workforce is the first line of defense against cybercriminals at any organization. Business owners should provide staff with thorough, up-to-date training on how to identify potential threats and defend sensitive data from threat actors.
Cyber risk reduction training should include the importance of creating strong passwords, how to respond when security incidents occur, and protocols for properly handling private customer data.
In addition, employees should receive training on common email phishing techniques and scams. As cyber threats evolve, it's important to update employee training materials accordingly.
To get started, here's a few quick tips from our security expert, Alyssa Parenteau:
2. Keep up with timely patching and updates
In many cases, cybercriminals will gain entry to networks and systems through various software vulnerabilities and exploits. Operating systems and applications should be updated regularly to protect all connected devices from intrusions.
According to the HIPAA Journal, unpatched software vulnerabilities are the most common way cybercriminals deploy ransomware.
What's more, take time to ensure that all security updates and patches come from reliable sources. Be cautious of downloading files from suspicious websites, especially any that lack an SSL Certificate next to the URL.
3. Invest in a 24/7 managed security solution
One of the best ways to protect a business at all times is to invest in expert 24/7 managed security for your entire IT infrastructure—endpoints, network, and cloud services.
The right managed detection and response (MDR) solution will continually monitor systems to identify potential threats and proactively work to stop them before they can cause a disruption. Beyond that, the right solution will actively block and detect known suspicious activity in real-time, letting dedicated security teams focus on unknown and emerging threats.
In the end, a comprehensive managed security service means your business is protected at all times, even if your IT or security staff are enjoying a few days off for the holidays.
4. Enable multifactor authentication (MFA)
Multifactor authentication should be enabled on all business-related software and services used by employees. Aside from using malware, cybercriminals may attempt to gain access to systems using stolen account names and passwords used within a business network.
By activating MFA, threat actors with login credentials won't be able to access network resources without taking additional steps, such as verifying a login on a new device through an authentication app.
Alternatively, multifactor authentication may require individuals logging into various business accounts to possess a specific security token, such as a USB fob connected to the device.
Additional ideas for protecting sensitive accounts include using fingerprint scanning or facial recognition technology on devices like smartphones used for work.
5. Back up all critical data regularly
It's vital to back up all critical files and private data constantly, ideally onto a secure cloud server or a hard drive separated from the rest of the network. Remember, data backups stored on work computers can also be compromised if threat actors gain access.
Storing backups in secure locations outside the workplace is also important, in case natural disasters impact the business.
For maximum data security, it's best practice to create multiple backups stored in different locations just in case a hard drive or external storage device becomes lost, damaged, or destroyed. It's also advisable to keep one backup on a secure cloud in addition to physical hard drives.
6. Devise a comprehensive recovery plan
Another vital aspect of any company's cybersecurity initiative should include a complete recovery plan following a successful data breach, malware attack, or other form of network intrusion.
Depending on your company's resources, this recovery plan may include steps for isolating and eradicating the threat, restoring lost data, and ensuring business continuity.
Smaller businesses that lack dedicated cybersecurity teams can rely on incident response preparedness services to ensure greater resilience and success when faced with an attack.
Since the costs of cyberattacks can be staggering, it may be a good idea to explore acquiring cyber insurance to help mitigate expenses incurred from the loss of digital assets, sensitive data, and various liabilities such as lawsuits from customers or vendors.
Dealing with cybersecurity threats this holiday season and beyond
Navigating the ever-changing nature of modern cybersecurity threats can be challenging. That's why it's always a good idea to seek the support of trained and experienced experts in the field.
At Field Effect, we provide a sophisticated MDR solution to keep your business safe from threat actors 24/7/365. Covalence, our all-in-one cybersecurity solution, delivers comprehensive protection across endpoints, networks, and cloud-based services.
This hands-free solution promptly identifies anomalous behavior and responds automatically to keep your most critical assets safe from bad actors. To learn more about how Field Effect can defend your business all year long, book a demo today.