23 April 2020

How to Improve Cybersecurity of Your Business Online?


COVID-19 outbreak caused economic stagnation. At the same time, we are trying to aid our businesses with technology that helps us diversify the way we contact our clients.

However, besides many advantages and facilitation provided by easy Internet access, there are a lot of potential disadvantages, or even threats, waiting for us in cyberspace.

How to improve cybersecurity and protect your data? Let’s start with listing possible cyber threats.

Cyber threats

It’s not only us who are trying to maximize our efforts. Cybercriminals are very busy too. They are looking for every low hanging fruit. We need to be sure that we are out of their reach.

What you need to do depends on the type of your cyber presence. Even simple web pages, if unmaintained and unattended, can pose a threat.

A scenario in which a website is hacked and defaced is the optimistic one. A much worse situation occurs when your infrastructure becomes a tool to spread malware, and you don’t notice anything.

Everything looks normal until your domain becomes recognized as dangerous or you get a bill based on the usage of data from your hosting provider. And that could be a huge bill.

How to ensure the security of cyberspace

1. Identify your online properties

What can, and should, you do? First of all, you need to identify each and every part of your cyber presence. Websites, mail servers, e-commerce, domains, etc. You need to identify all the things that you have to secure.

2. Audit for validity

The second step focuses on auditing everything and checking its validity.

  • Maybe some security flaws need fixing?
  • Are the correct certificates installed on your websites?
  • Have you changed default passwords and set the secure ones?
  • Is there any CVE identified in any part of your infrastructure?

That is only a small part of questions that need answers. Sometimes that part already helps save money and identify features or services that you don’t really use and you can switch them off.

3. Look for similar properties

When your cyber infrastructure is updated you can dig deeper.

You can look at domains you own, or should own, to minimize the possibility of fraud. A similar domain can become an easy way to „hijack” data of your clients.

Sometimes a simple typo is enough to redirect to a malicious website, that can look just like yours.

The cost of cybersecurity

Is it pricey? It depends. Most of us can do at least part of the tasks mentioned above.

There are many automated security scanners online that are free (most of them are used to advertise commercial services). Some of them do the job pretty well, but only in case of simple webpages, etc.

More complicated tasks need to be performed by professionals. In the end, you need to ask yourself: can we afford to compromise Internet-based communication with our clients?

We can support you with secure software development

Kamil Goryń
Head of Cybersecurity at ProtectHut

Head of Cybersecurity at ProtectHut, responsible for mentoring and pentester team coordination, as well as security audits of IT projects. With PhD in security, he’s a lecturer at University of Białystok, focusing on cybersecurity. Co-organizer of BiałQA meetup and a member of IT Systems’ Quality Association.