Picture this. You’re sitting at your desk, working diligently. Your phone is nearby, so you pick it up quickly, just to check if there are any new messages. In the short time it takes you to do this, a cyber-attack has occurred somewhere in the world.

It’s the scary truth that hacker attacks strike every 39 seconds. Inga Beale, CEO of Lloyd’s Bank, believes that we live in a world “where the threat from cyber-crime is when not if.”

But despite the seriousness of this threat, many businesses remain ill-equipped to tackle it. A recent surveyrevealed that less than half of information security professionals believed they could protect their organizations from cyber threats.

Dangerous practices or inadequate protections are putting many businesses at high risk. If your organization is making any of these common cyber security mistakes, you could be too.

1. Crossing that bridge when you come to it

Fail to prepare, prepare to fail. If your approach is to “cross that bridge when we come to it”, chances are that bridge is already burning.

To respond effectively to a cyber-attack, you need to be prepared now. Define an escalation procedure in the event of a crisis. Which staff members are involved? What actions must each take? Who alerts your workforce – and who gives them the approval to do so?

Practice your response process through simulated attacks. Trigger fake phishing emails to test staff awareness and understanding. Is their response appropriate? Do the actions they take reflect those prescribed by your security policies?

Being organized in advance allows you to respond at pace when an attack comes. Needing to work it out on the fly, when everyone is distracted and stressed, is a recipe for disaster.