‘Things’ happen. It’s a fact of life, and it’s now a fact of life that ‘cyber things happen’.
2018 was a major year for data breaches, and 2019 will undoubtedly see more companies impacted by deliberate or accidental cyber incidents.
Take the following simple steps and you can ensure 2019 is not the year you become another statistic.
Understand your risks
Think about where your risks are. What could happen and what do you need to do to reduce the likelihood or the impact? Put these into a risk register and think of risks to; people, systems and premises.
Build a plan
Think about who you will need when something goes wrong and write it in to an ‘incident management plan’ along with contact details. Outline roles and responsibilities in the plan so everyone knows what is expected of them.
Create a policy
Create a policy which sets out your security ‘rules’ by which you operate. Think about people, systems and premises. Train your staff and remember it applies to all areas of your business.
Remember - it’s not just IT
Threats come in physical form as well as technical so don’t think cyber security is about IT. It’s a people problem. Human error is the number one cause of data breaches. Don’t assume that a ‘firewall’ or ‘cloud’ will solve all your cyber security problems.
Passwords are key
Make sure passwords are a minimum of 8 characters and every user has a unique login and password for your systems. Sharing passwords and login details is never a good idea and should be discouraged because if something goes wrong you need to know who and how it happened.
Keep IT updated
Cyber security issues are being discovered all the time. Speak to your IT team and ask them about the ‘security patches’, how your systems are updated and when. Once a ‘vulnerability’ has been reported your IT team should assess the impact on your business and apply a fix.
Be aware of malware
Malicious software is created to steal information from you! All you need to know is that it exists. Don’t install untrusted software (aka ‘FREEWARE’) as it often contains malicious code which will leave your systems exposed to threats.
Data is now mobile
Data is no longer simply stored behind locked doors. It’s on mobile devices, in pockets, easy to lose and easy to steal.
Think about where your data is held, who has access to it and how it is protected. Consider creating a policy which sets rules on how mobile devices are to be used.
Getting your back-up
When things go wrong you need to make sure you have backed-up your critical information and systems.
Don’t leave this to chance. Sometimes backup systems fail. Ask your IT team how systems are backed-up, check how often, where to and when they were last tested.
The final step and the one which underpins all the others is this; everyone has a role to play in protecting your business and the information you have access to. Training and awareness in your business is absolutely key to successful cyber security. Train people on what to do if they suspect a breach has occurred and how to spot one. Explain the benefits of a secure business and what their role is – from the top to the bottom of the business EVERYONE has a role to play.
For further advice and support contact us at [email protected] or call 0845 4133 666 and we will discuss your specific concerns and needs.