Have you stuck with your New Year's resolutions?
We’re only one month into 2019 and according to statistics more than 80% of people who made New Year’s Resolutions will have broken them! How about you? Did you make any? How about Resolutions for your business? How about resolving to be more secure?
2019 - The Story so far
We’ve heard of a Hacker Forum itself being hacked, which resulted in over 800 million email addresses and passwords being released ‘into the wild’ for any Cybercriminal to use. This means that Cybercriminals can use tools readily available that allow them to try thousands of sites, with these credentials and try and access them (e.g. Facebook, email accounts etc). This may sound benign but remember that if someone gains access to your email account they can easily reset your password on sites like eBay, Amazon, or even your bank).
We also heard how Kwikfit the tyre company had their booking system taken down due to a Ransomware attack. Some are suggesting this isn’t a Data breach (as they are demanding money from Kwikfit). But who knows if the Hackers haven’t already stolen the data? Data which includes, Name, Address, Telephone, Car Registration and Tax details.
All of this leaves us wondering what we can do to better protect ourselves. Well the good news is there are lots of things we can do to improve our security;
- Update systems to ensure they’re running the latest software versions
- Update security software so it protects against the latest threats
- Have a policy which states your commitment to Data Protection
- Ensure staff have individual logins (with unique passwords) for systems
- Have regular meetings to talk about where you are potentially vulnerable – Ask “What if...”
- Provide training to your staff so they know what to look out for (e.g. Phishing emails)
- Provide training to your staff so they know how to escalate issues or concerns
- Provide your staff with training on how to work securely, remotely (like on trains)
- Speak to your suppliers about THEIR security so you know they aren’t your weakest link
- Have a regular back-up process in place, and test it works – regularly.
Notice that not all these things are technology led. All too often we focus on technology when the real risk (and opportunity) is people related. We focus on upgrading our Firewalls, without thinking about our Human Firewalls.
The UK’s Active Cyber Defence (ACD) programme
In January 2019 the ‘Kings College London’ released the latest ACD report. The programme has been part of the National Cyber Security Centre (NCSC) since 2016 and aims to improve cybersecurity in the public-sector. The report makes for interesting reading as it states that;
“In the UK, over four in 10 businesses and one-fifth of charities were subject to a cybersecurity breach or attack in 2017-18. Official figures suggest that a UK resident is more likely to be a victim of cybercrime or fraud than any other offence. Moreover, perhaps on account of the UK’s relative wealth, its population is more than twice as likely to be targeted by cybercriminals compared to the global average, and each crime is more than twice as lucrative as the global average. One estimate suggests that £4.6 billion was stolen from 17 million UK internet users in 2017.”
The report goes on to say that “Organisations that adopt better cybersecurity will survive and thrive; those that do not will fail or, at the least, risk their competitive advantage.”
But we know this already don’t we? We know that an outage or breach can leave us exposed and ultimately harm our reputation.
So the key question to ask you is; What is your New Years resolution? Is it to build a stronger, more resilient and successful business? If it is then perhaps following some of the guidance here might help you stick to it and succeed. Good Luck.
Agenci Information Security is responsible for protecting businesses from cyber threats, cyber-attack, internal threats and business outages. Agenci Information Security ensures clients systems are secure and provide peace of mind through a range of proven specialist information security solutions.
Please contact us here to speak to a member of our team.