Tips to protect your recruitment business from cyber attacks

Mike Ianiri, sales director at Redsquid, offers his advice to prevent your business falling prey to a cyber attack.

Cyber attacks are targeted at businesses of all sizes. However, 43% of cyber attacks are aimed at SMEs so recruitment firms need to ensure they are protected. What can you do to protect your recruitment business?

Unfortunately, humans are still the weakest link in cyber security protection. Threat reduction requires employee training reinforcing messages such as:

  • Be watchful of new contractors. While most will be legitimate, some cyber criminals will simply walk in and try to infect your machines. If you’re unsure, stop and check. 
  • Query requests for large or urgent payments. This is a common form of cyber attack.
  • When you’re busy, beware: don’t open emails you don’t recognise or if the topic is worrying. Don’t open attachments or click on links designed to infect your machine or network. Fraudsters use addresses and URLs that are very similar to legitimate ones.

You can check training effectiveness with regular simulated phishing attacks. You’ll identify who is following their training and who needs more. We did this internally at Redsquid and reduced click-throughs from 54% to 4% in only three months. 

Protecting your network

Gateway prevention
Email gateways are a great way to reduce mistakes. By passing all your emails through a gateway, you block the malware, phishing and spam emails threatening your network.

Firewalls: If your firewall is a few years old, its ability to protect your network needs to be upgraded, as the threats to your network will have increased. 

Patching: Keep your PCs fully patched. Your operating system provider regularly publishes security updates to protect against the latest cyber threats. 

Windows 7: Microsoft stops supporting Windows 7 on 14 January 2020. You must upgrade to Windows 10. If you also upgrade hardware you’ll benefit from the physical security and performance enhancements built into new machines.

Vulnerability and penetration testing
Vulnerability scanning helps to ensure the security of your systems, services and applications from a number of common attack vectors, exploited by both automated and manual attackers. Vulnerability testing should ideally be done continuously, but at least every month.

A penetration test is an authorised simulated cyber attack on a computer system, performed by a suitably qualified third party. We recommend these are done at least once a year by an independent body (not your IT provider) for the peace of mind it provides.

For recruiters, these tests are particularly valuable to prove you are properly ticking the GDPR box – showing you’re protecting the Personally Identifiable Information (PII) you hold on candidates, clients and staff. 

APIs and web applications
Most businesses are using multiple web applications and APIs to streamline productivity. Check whether the ones you use have been tested for intruder prevention. They can become a back door into your network.

Multi-factor authentication
Multi-factor authentication (MFA) uses multiple devices to protect your network. Your phone can act as confirmation you are who you say you are, for example, logging into an application. Multiple layers of security make it harder for unauthorised users to access your network.

Cyber insurance
Getting advice on the cover you need for insurance against cyber threats is recommended. It can’t replace what’s stolen, however cyber insurance will help your recruitment business recover more quickly. 

• Mike Ianiri is sales director at Redsquid, one of the UK’s leading independent providers of business Voice, Data, ICT, Cyber Security and IoT Solutions. 

• Comment below on this story. You can also tweet us to tell us your thoughts or share this story with a friend. Our editorial email is [email protected]

Molloy leads MBO for Energize Group

Energize Group has completed a management buyout (MBO) led by Craig Molloy, group managing director and co-founder.

Contracts 23 September 2021

More good news on the hospitality, marketing and B2B sectors

Renowned chef and restaurateur Marco Pierre White is looking to fill 80 full and part-time roles as he opens a new restaurant London’s West End.

22 September 2021


This week’s appointments include: Heidrick & Struggles, iSource Group, New Talent, New Directions Group, SThree

People 20 September 2021


This week’s new contracts & deals include: Marlin Green, Pertemps Network Group, Recruitment Group, The Youth Group

Contracts 20 September 2021