
Cybersecurity is becoming increasingly important, as a survey by PwC, the BCG Global Compliance & Risk Report and a new Bitkom study on cyber insurance and cyber security have recently shown.
But what are simple security measures that can be taken to better protect yourself against cyber risks and meet the minimum requirements for taking out cyber insurance?
1. Create IT contingency plans
It is important to be resilient in the event of a crisis. An IT crisis plan should therefore be developed that defines how to behave in the event of a cyber attack in order to reduce harm as much as possible. With the help of these measures, the company can return to day-to-day business as quickly as possible.
2. Train employees
In addition, the emergency should be “rehearsed”: for example, there is phishing training, in which fake phishing attacks are sent to employees over a certain period of time. The outcome of phishing attacks is often very worrying, which is why it is all the more important to sensitize employees. Cyber training should therefore be an integral part of employee education. In this way, the “human error potential” can be reduced.
3. Patching
An IT inventory list helps to get an overview of available hardware and software. This is important to then ensure that the available IT assets are up to date. Security patches provided by the manufacturer should be installed as soon as possible to fix vulnerabilities discovered in previous releases. Updated software/firmware significantly reduces the risk of cyber attacks.
4. Data backup
The regular creation of backups (e.g. with SimpleBackups) is essential: if the data is encrypted by ransomware, for example, you are all the more open to blackmail if the data is not backed up. These backup files must also be regularly checked for functionality, consistency, and timeliness.
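The three checks named above (functionality, consistency, timeliness) can be automated. The following is an added example, not code from this article or from any backup product; it assumes tar.gz backups, a SHA-256 digest recorded when the backup was made, and a 24-hour maximum age, and the function names are hypothetical.

```python
import hashlib
import io
import tarfile
import time
import zlib

def make_sample_backup():
    """Build a small tar.gz backup in memory (constructed sample data)."""
    files = {"db/customers.sql": b"INSERT ...;\n", "docs/plan.txt": b"IT crisis plan\n"}
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def verify_backup(blob, expected_sha256, created_at, max_age_hours=24, now=None):
    """Return a list of problems; an empty list means all three checks passed."""
    problems = []
    now = time.time() if now is None else now
    # Timeliness: the newest backup must not be older than the agreed interval.
    if now - created_at > max_age_hours * 3600:
        problems.append("stale")
    # Consistency: the stored file must match the digest recorded at backup time.
    if hashlib.sha256(blob).hexdigest() != expected_sha256:
        problems.append("checksum mismatch")
    # Functionality: a restore test that reads every file in the archive in full.
    try:
        with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
            members = [m for m in tar if m.isfile()]
            if not members:
                problems.append("empty archive")
            for m in members:
                if len(tar.extractfile(m).read()) != m.size:
                    problems.append(f"short read: {m.name}")
    except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
        problems.append(f"unreadable: {type(exc).__name__}")
    return problems

if __name__ == "__main__":
    blob = make_sample_backup()
    digest = hashlib.sha256(blob).hexdigest()
    print(verify_backup(blob, digest, created_at=time.time()))
```

The recorded digest should be kept separately from the backup itself, so that whoever alters the backup cannot also alter the reference value.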
5. Multi-factor authentication
Multi-factor authentication means that at least one additional step is required in addition to a user name and password (two-factor authentication). One example is a code that is sent via SMS to a stored mobile phone and must then be entered. Passwords can be leaked, stolen, or found out. Multi-factor authentication therefore makes it difficult for hackers to get into the application.
6. Strong passwords
Passwords such as 123456 or password are not sufficient. Such a generic password can be overcome in just a few seconds or minutes. It is best to define password security rules or use a password management tool (with particularly strict rules for admin accounts or other user accounts with increased authorization).
Such criteria include:
7. Firewall
A firewall should be installed to monitor incoming and outgoing data.
8. Virus protection
A company should have up-to-date, automatically updated virus protection installed on the IT devices used for business processes and on other IT devices connected to the corporate network.
9. Outdated hardware
To be secure, technology must be brought up to date. It is not enough “just” to install security patches and thus keep the software up to date; the hardware should also be up to date, especially because outdated hardware can often no longer be brought up to date with the latest software version.
10. VPN
A VPN prevents a direct connection to a website's server from being established when you visit it. Instead, the device first connects to a VPN server and not to the website itself. This means that the website operator can only see the IP address of the VPN server, and the identity of VPN users remains hidden from third parties.
11. Cyber Safe from Baobab Insurance
Baobab Insurance combines prevention with insurance coverage.
Thanks to Risk Scan, vulnerabilities that are also exploited by hackers are identified. And should an incident occur, Cyber Safe offers the necessary insurance coverage.