Over the past few weeks, the world has watched the Ukrainian-Russian crisis evolve into a significant conflict, impacting hundreds of thousands of people and businesses. After the conflict broke out, U.S. cybersecurity agencies reported an 800% increase in cyberattacks over a 48-hour period.
Additionally, President Biden warns that a flood of significant cyberattacks may be on the way that could detrimentally affect American companies. Biden and U.S. Homeland Security are urging organizations to secure their systems and data now.
It’s critical that companies are prepared to handle and resolve potential security attacks that can be detrimental to business growth and overall operations. For PR firms especially, this heightened time of security threats could result in a crisis for both their business and clients.
Here are a few steps PR firms can take to protect their internal communications and operations and help advise clients during this challenging time.
Educate employees about the risks
Regardless of threat levels, PR firms’ employees should be educated about security threats and the importance of protecting critical data. Without proper education or awareness, many individuals may not be thinking about the increased risk of a cyberattack and how their actions can contribute to systems’ vulnerability to attacks.
For example, employees should be trained to identify and monitor for malicious links, attachments or phishing in emails and on websites. They should report anything that looks suspicious and flag any emails or content that may contain viruses or threats.
Update security software
Regularly monitoring and updating security software is imperative and ensures all aspects of applications, operating systems, and other technologies are protected against attacks. Outdated security software fails to protect against threats and also gives companies a false sense of security. Security software can only be effective when continuously updated to protect against present and future threats.
Firms must ensure they have security software enabled that’s current, configured and automatically updated regularly. These rules don’t just apply to office technology but all technology and systems – cellphones, tablets, routers, applications, etc. – used by employees, especially those working remotely.
Secure remote devices and accounts
Over these past two years, the increase in remote and hybrid workforces has resulted in heightened ransomware and security attacks through remote access to networks. As a result, firms should verify that only valid accounts have remote access capabilities. This can be confirmed through multi-factor authentication (MFA) to protect remote access. Additionally, all remote technology should be equipped with current security software to ensure the best protection against outside threats.
Evaluate who has login access
PR firms constantly exchange information with outside vendors, contractors and clients. One way to ensure company operating systems, equipment, and data are secure is by evaluating who has access capabilities and login details for these systems.
If firms do not record who has these details, regularly updating passwords and implementing MFA will help control who can access company applications and systems. This will reduce the chance of a cyberattack as hackers will have fewer direct lines of access to company platforms and information.
Create and store information backups
If a ransomware or cyberattack does occur, firms must have reliable backups of essential data. These backups can help companies recover internal and client information that may have been lost during a security breach and help keep operations moving. However, backups are only helpful if they’ve been done correctly. As a result, companies should take time to create an efficient backup strategy and consider the following:
- Decide where to backup information – internal hard drives, external hard drives, removable drives, cloud-based backups, NAS (network-attached storage), etc.
- Split your backups between on-site and off-site systems, so information is available in more than one location
- Establish a standard naming and filing system so data can be easily traced and located
- Identify which files need to be backed up to maximize efficiency
Alert and offer resources to clients
Some clients may be unaware of the growing security risks. PR firms should alert clients, vendors and contractors of these risks and how they can detrimentally impact operations and leave critical information vulnerable.
Having this discussion with clients and providing them with resources – such as security software recommendations, backup strategies and simple security tips like MFA – will help further secure PR firms’ systems and applications, and help clients avoid crises associated with ransomware and cyberattacks.
Rachael Dowd is a senior account executive with Communiqué PR.