Would you leave your front door or car unlocked for just anyone to enter? Hopefully, the answer is a resounding no. We all take such precautions on a daily basis, so often in fact, that it just comes naturally.
Every organisation trains its employees in health and safety procedures but very few provide training in basic cybersecurity. Even after years of security experts highlighting the advantages of such training, we continue to see incidents where businesses are breached as a result of basic security practices not being followed.
According to the government’s Cyber Security Breaches Survey 2017, seven in ten large businesses reported a breach or attack on their systems. With so many businesses storing the personal data of customers and suppliers they are appealing targets for criminals seeking to commit fraud and identity theft.
“The majority of cyber incidents exploit basic security controls that have been lacking. By practising good cyber hygiene and implementing security controls effectively an organisation can significantly reduce its attack surface from the majority of cyber-attacks,” says Sachin Bhatt, Head of Incident Response at XQ Cyber.
There are a few other basic measures that we can all take to make things tougher for cybercriminals. These include;
One of the main reasons people and organisations don’t invest properly in cybersecurity is the belief that they will never fall victim to a cyber-attack. Small businesses, in particular, are vulnerable to this thinking as they believe that they are too small to appear on a hacker’s radar. In reality, SMEs are often targeted due to them being regarded as a ‘soft touch’ and a potential gateway into a larger businesses supply chain. It’s because of this that larger organisations need to regularly assess the security of their supply chain members.
Whenever you need to leave your computer unattended lock it! Even if you’re in the office surrounded by your work colleagues lock it. You never know who could have had a play in your absence. To lock a Windows machine, press the Windows key (located close to the spacebar) and L at the same time. For Mac users press Control + Shift + Power (or eject) simultaneously.
We all receive spam emails. Most of the time they get caught by your email service providers spam filter, but occasionally one will slip through the net. Cybercriminals are adept at getting around such filters using Phishing and Spear Phishing tactics. Proper awareness training can help staff recognise the signs that an email might not be legitimate. If in doubt, it is best to refer the email to your internal security team and not click on link or attachment. Chances are high that it is a phishing email and the link or attachment may contain malware. Many businesses and organisations have fallen victim to such attacks. Always think before clicking on anything.
The cyber threat is constantly evolving. According to Kaspersky Labs, it detected 360,000 new malware forms a day in 2017. Security firms are constantly battling to stay ahead of malware authors so ensure that you keep your antivirus up to date.
Ensuring organisations have well throughout policies and procedures in place can help to protect against cyber-attack. Policies such as users having access to only what they require for their role and are not able to plug in personal devices or removable media for example. Likewise, having an audit of assets helps to keep track of what is part of your network, and more crucially what isn’t. Finally, make sure there is continued awareness of these practices in the same way that fire drills are carried out regularly.
When your computer notifies you that it needs to update don’t ignore it. Patches for vulnerabilities are released all the time so ensure that you heed your computer, it’s for your own good!
Good cyber hygiene can help you avoid many cyber dangers. Don’t visit dodgy looking websites and never click on links on such sites. Promoting a cyber aware culture through the Cyber Essentials scheme throughout your business can reduce the threat dramatically.
Want to learn more about how XQ Cyber can help secure your business? Visit our website at www.xqcyber.com and If you want to give yourself the very best protection against cyber security threats try our Cyber Score software for free now.