With the growing digital economy, businesses are at the risk of cyber-attacks almost every day. It is integral to operating a business in a digitally connected world.

In such a scenario, managing risks is very critical and it starts with risk assessment. As businesses embrace nextgen technologies, they are
exposed to an increasing number of nextgen cyber threats, if they fail to manage the risk of IT security effectively. While no organisation can be completely protected, strategies can be put in motion to significantly reduce the potential of a data breach –or at least minimise the impact when
a breach does occur.

Security challenges facing CIOs and organisations will continue to escalate because the payoffs are high for perpetrators, and risks are relatively low. Here are four tips to help turn your organisation and your data into less appealing targets for the bad guys-

Patch promptly: Patches are one of the single-most important cyber security tools that the everyday tech user needs, along with things like anti-virus software and scanning filters. A patch is a small piece of software that a company issues whenever a security flaw is uncovered. Just like its name, it
covers the hole, keeping hackers away from exploiting the flaw. Choose decent passwords: Use "passphrases" rather than "passwords.

A passphrase is simply a different way of thinking about a much longer password. Dictionary words and names are no longer restricted. In fact, one of the very few restrictions is the length – 15 characters. Your passphrase can be a favourite song lyric, quote from a book, magazine, or movie, or something your kids said last week.

Apart from this many productivity applications, like Microsoft Office applications and Adobe Acrobat, will allow you to set passwords on individual documents. To open the document, you must enter the password.

Use two-factor authentication (2FA): Two-factor authentication (2FA) adds an extra layer of security to your account by asking for a verification code after you sign in with your email address and password. Post that the verification code is generated by an application on your smartphone. To gain access to your account, a potential attacker would require your email address, your password, as well as your phone. Hence, we recommend all users enable two-factor authentication for their accounts.

Secure wireless transmissions: Information shared by you over a wireless network is even more subject to interception than sent over an Ethernet network. Hackers really don't need physical access to the network or its devices; anyone having a wireless-enabled portable computer and a high
gain antenna can capture data and/or get into the network and access data stored there if the wireless access point isn't configured securely.

The data should be sent or stored only on wireless networks that use encryption, preferably Wi-Fi Protected Access (WPA).

(Sunil Sharma, Managing Director, Sales at Sophos India & SAARC)