Improving your cyber security doesn’t have to be difficult or expensive.
At PDSC, we work with a wide range of organisations to identify the information you really need to know about cyber crime.
The following 5 recommendations apply to organisations of all sizes.
If there is only one thing you do to improve the security posture within your organisation, this is it. Patching basically means ensuring that your software is always kept up to date. It applies to any device, including mobile phones. Vendors regularly produce new versions, not just to improve performance, but more often, to address security flaws that may provide hackers with a way of targeting your computer. 80% of successful cyber attacks are the result of organisations running outdated software. The WannaCry ransomware attack in 2017 caused widespread disruption by exploiting computers running an outdated operating system.
To reduce your chances of being a victim this way, set all your devices to receive and install updates automatically.
Back Up Your Data
Think of the consequences if you lost all of the data you hold. How long could you continue operating? Data loss may not be the result of a cyber attack, but could be caused by a flood, fire, or theft. There are a wide range of storage solutions available, including cloud-based storage. This is often the most cost-effective, portable and easiest way of storing and retrieving data, but it is not entirely without risk. While attacks on cloud based servers are rare, cyber criminals are becoming increasingly aware of the amount of sensitive personal data stored in the cloud, so choosing the right storage provider is critical.
Training and Awareness
Your staff can be your strongest line of defence against cyber crime, but they can also be the weakest. Making sure that your staff know what to look for and are aware of the latest threats can dramatically reduce your vulnerability. Embracing a culture where staff are encouraged to report suspicious emails or websites is a sensible approach to adopt.
Make sure you also sign up to the free Action Fraud Alert service to receive accurate information about scams and frauds in your area.
Develop an Incident Response Plan
Even if you think the chances of becoming the victim of a cyber attack are low, it’s good to be prepared. Make sure that you understand what information within your organisation is critical, then determine roles and responsibilities so that you can understand what you are dealing with. Use the plan to articulate what you would tell your staff, your customers and your suppliers. Most importantly, don’t write a plan and consign it to gather dust on a shelf. Review it and test it regularly.
Develop an organisation-wide Cyber Security Policy
This needn’t be a formal document, but it should set out your overarching approach to cyber security and why it is important to your organisation. Include the controls you have put in place for staff working remotely or at home as well as advice on passwords. It should also set out the procedures staff should follow in the event of an incident.
Test your resilience today by taking our online assessment.