Cyber attacks come in many different forms, including socially engineered Trojans and phishing attacks. A socially engineered Trojan can infiltrate your network if you click on a website link set up to activate it, while phishing attacks (usually delivered in an email purporting to be from a well known sender) asks you to click through a number of pages requesting personal information which is then compromised.

You may have the latest software update, newest virus protection and the best security network but that doesn't mean that if hackers want to attack your business, all your up-to-date technology will prevent a cyber attack.

So what can you do to prevent your business falling victim?

You don't necessarily need to invest in the most expensive technology in order to protect your business. Generally, it's as simple as understanding the risks and training your employees.

Many employees don't know what a cyber attack may involve or what to look for. If your staff aren't trained and lack the knowledge to understand how a cyber attack may occur, that is the biggest risk.

Here are my four tips when training your employees on cyber attacks:

  1. Understand the risks – explain to your employees that if a cyber attack hits the business then the business is compromised. Confidential information is at risk, systems can be infiltrated, systems may need to be restored and work may be lost. All result in down time, loss of profits and, sometimes, more work for your employees.
  2. Install and always update your security software – software should include anti-virus, anti-phishing, anti-spyware and intrusion prevention software to prevent malicious programs.
  3. Enforce password policies – this includes ensuring that passwords (either created by the employee or assigned) are complex and not easy to guess. Always try and use at least one capital letter and one numeral. Do not use birth dates, names or any other personal information that could be easily guessed.
  4. Don't open unknown or suspicious emails, visit unknown websites or click on suspicious links or attachments. Tips for emails: check the sender – if it is purporting to be from Australia Post or the ATO but the email address does not correspond that's usually a dead giveaway.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.