How to Secure Your Business During The Holidays

  • Save

Cybercriminals can strike at any time. When you take some time off during December and January, how do you ensure your business remains cyber-safe? During major holiday periods, ransomware attacks jump a whopping 30%. Holidays also experience increased online scams, exploiting themes such as gift sales, package deliveries, and charity drives.

Seeing that people generally open 70% of phishing emails, holidays significantly increase cybercrime risks, and many target distracted staff or security skeleton teams. “Even routine holiday notices are security risks,” says Gerhard Swart, Chief Technology Officer at cyber security company, Performanta. “Criminals use things like out-of-office replies to pick their targets.

For example, they might send an urgent message to someone who is on leave, urging immediate action for some kind of crisis and catching their target in a distracted mindset. They could also pretend to be that person and manipulate someone at the office, and nobody might notice until that person returns from holiday.”

Business email compromise and man-in-the-middle attacks are good examples of such tactics. Once criminals identify that someone is not at work, they have more opportunities to create fake emails that extract and divert payments from unsuspecting employees and customers. They might also launch attacks while fewer people are handling security duties.

Securing Your Business During The Holidays

Knowing your business is more vulnerable during holidays is an opportunity to address the situation beforehand. Some best practices include:

Work with a detect-and-remediate service provider: Managed security service providers (MSSPs) operate 24/7 detection and remediation services. They use ongoing monitoring to spot anomalies and unusual behaviours across your technology estate and can act immediately to deter attacks and remote attackers.

Update and test systems: Holiday periods reduce activity on business systems, providing a window to test and update systems. This strategy aligns well with using agnostic attack surface management (ASM) services to audit systems’ security and patch statuses and develop appropriate update plans.

Ready an emergency response plan: Establish response plans specific to holidays, taking into account staff leave. If your CISO is abroad on holiday, make sure there is someone at the office who can handle those calls. Even if key personnel must return to the office, you don’t lose precious time waiting for them to arrive.

Limit access: Liaise with departments such as human resources to see who is on leave and limit access accordingly. Create policies and procedures in case someone needs remote access in an emergency.

Train staff for phishing and scams: Holidays lead to a spike in phishing attacks because they can exploit people’s distraction. Train your staff on these dangers for business reasons and to help safeguard their activities during the holidays.

Prepare for supply chain attacks: Online criminals exploit the inherent trust of supply chains. Create guidance to scrutinise correspondence with partners (a hotbed for business email compromise attacks), unusual orders, and system integrations or privileged access arrangements.

Activate Multi-Factor Authentication (MFA): MFA is very effective at stopping account breaches and should be a mandatory feature for anyone logging into your business systems. Additionally, train staff to anticipate tactics such as MFA fatigue attacks (where criminals overwhelm someone with MFA requests) and tactics that target MFA credentials such as sim swapping and keyloggers.

When they take time off, people can develop “holiday brains” where they are more relaxed and less alert. Criminals stoop to exploit this and ruin it for everyone except themselves. The risk of experiencing a cyberattack is very real, but with the right precautions, you can keep it from escalating.

The first step is to realise that holidays create a bigger threat of cyberattacks. Once you acknowledge this, you can take action. Start by talking to your security provider. They have the know-how and procedures to look for those risks and reduce them. As always, awareness and action are the two steps that will ensure your company is cyber-safe, even when most people are at the beach.