How to cope
In the last 18 months all of us have lived through the Covid-19 global pandemic. The world has got to grips with it through 3 factors:-
- A combination of brilliant minds delivering a range of vaccines in record breaking time.
- A recognition that it is a disease that is here to stay, and we need to learn how to deal with it and treat it.
- Personal action in taking specific and simple precautions based on scientific advice.
Cybercrime is another pandemic. No-one seems immune and we read about increasingly effective attacks all the time, whether it is a DDOS attack on a government, the shutting down of infrastructure, the closure of health services or the attack on multiple companies through a compromised network management package.
We should also fight this pandemic in the same way that we took the fight to Covid-19 namely:-
- Benefit from lots of diverse technical solutions
- Recognise it is here to stay so learn how to come to grips with it and either deal with it or accept it is going to happen
- Through our personal actions to help keep ourselves and our organisations secure.
Whilst both of them “mutate”, in improving our cyber security we need to ensure all our defences are raised at all times. Like the vaccine, the majority of cyber security defences technically work as all surveys suggest that over 90% of cyber security breaches are due to human error. Surprisingly, most infiltration is through people not in IT department. This suggests that we need to do more in education and training, not just of our technical specialists but of everyone in the organisation. According to one piece of research, 45% of employees received no cyber security training from their employer*. This is an astounding figure. Imagine the impact that Covid-19 would have had, had 45% of people not understood or practiced the simple hygiene rules that Governments suggested. Even more so when the advice and the steps people should take are pretty straightforward.
Guidance from NCSC suggests simple actions to improve our cyber security:-
Personal security
- Use a strong and separate password for your email
- Create strong passwords using 3 random words
- Save your passwords in your browser
- Turn on two factor authentication
- Update your devices
- Back up your data.
Organisational Security Focus
- Use a firewall to secure your internet connection
- Choose the most secure settings for your devices and software
- Control who has access to your data and services
- Protect yourself from viruses and other malware
- Keep your devices and software up to date.
Wherever you look the guidance is effectively the same, and the top hygiene factors are:-
- Strong and safe password
- Keep software up to date
- Keep hardware up to date
- Limit user access
- Back up data
I appreciate there are issues of scale in all organisations but applying these basic rules could keep ourselves and our organisations secure and make us more capable of fighting the virus of cybercrime.
What good cyber hygiene practice will you adopt today?
Find out more about APMG's Cyber Security offerings and how we can help here.
*CompTIA, The Evolution of Security Skills.
