Cyber security has been a hot topic for a while now, but its relevance absolutely blew up in 2017.
In May 2017, WannaCry ransomware spread like wildfire across the globe, crippling public utilities and large corporations alike, particularly impacting those that were still running older versions of the Windows operating system.
But that was merely a prelude to what would come later. In September, Equifax, one of the largest credit reporting agencies, announced hackers had accessed the records of 143 million of their customers. Hackers got away with people’s names, Social Security numbers, birth dates, addresses and even some driver’s license numbers.
And 2018 isn’t off to a great start either as Intel recently announced many of their chip models contain a design flaw that leaves pretty much every computer built with an Intel chip vulnerable to snoopers searching for sensitive data. This flaw affects chips manufactured from 1995 onward, with cloud environments hit hardest. Google, Amazon, Microsoft, and Intel have been working for months to release patches for these vulnerabilities, dubbed “Meltdown” and “Spectre.”
Cybercrime, computer viruses, and attacks are not going away. If anything, we should expect to see more of them in 2018. So what can we learn from them? Here are four lessons:
Computers running Windows 10 were safe from WannaCry, but the ransomware still spread quickly because so many companies were still running Windows XP and Server 2003, which had already reached end of life years earlier.
Microsoft announces end of life dates for its products years in advance. For example, if you are currently still running Windows Vista, you should upgrade right now. It went end of life last April, but Windows 7 users are safe for two more years.
Some companies have made changes to become less reliant on email, such as using a product like Slack, Stride or Microsoft Teams that allows colleagues and partners to communicate outside of email.
These products, and those like them, may reduce your risk of attack because they have security and scanning features built-in. They also block outsiders from spoofing email addresses, but they should be viewed only as one of multiple measures to be taken against attacks. They’re not a guarantee cyberattacks will not happen to you or won’t be successful.
Avoid “End of Life” Scenarios
Not everyone can afford to upgrade to the latest desktop or server operating system. But you should not wait to replace your software or hardware until it has reached its end of life, when the manufacturer no longer releases security updates.
Do Not Assume You Are Immune from Attack
When companies as large as Target, Home Depot, Equifax, and even the NSA fall victim to cyberattacks, nobody should feel overly confident they are immune from attack. Some small companies may believe they are safe because hackers will go after larger and richer companies, but that is not always the case. Symantec reports that 43 percent of cyberattacks targeted small businesses, primarily through phishing schemes. On the contrary, some hackers specifically go after smaller companies because they are smaller and less likely to have security measures in place. Our lives and our data reside in a digital world, which means there will always be criminals searching for ways to reach it. No company, big or small, should ever assume an attack cannot happen to them.
Train Your Employees
One employee falling for a phishing attack or clicking on a bad link can put your entire organization at risk. Your employees should be trained to deal with suspicious emails and recognize the signs of a phishing attack. They are your first line of defense.