Why you should operationalise your cyber security processes
The UK’s National Cyber Security Centre’s latest report reveals that it has prevented over 1,800 cyber attacks in the last three years. The threats are still out there and we should never be complacent. It’s worth taking some time to review your cyber security processes to make sure that they’re up to date and implemented rigorously across your business.
In the last year, the NCSC says it has foiled over 600 major cyber attacks on the UK. This seems like a small number but the NCSC is defending major national institutions, so this figure does not relate to the number of attacks against individuals and businesses that occur every day. And at over 1½ attempted attacks every day – the NCSC has been busy. And on an individual level, we need to remain vigilant: The NCSC estimates that there were nearly a million incidents of computer misuse in the year to March 2019, defined as:
- Malicious emails
- Social engineering
In the daily business world, according to insurance firm, Hiscox, an increasing proportion of SMEs are being targeted by cyber criminals. Hiscox’s annual cyber readiness report reveals that 55% of UK companies reported a cyber attack in the last year – up from 40% in 2018.
According to NCSC’s CEO, Ciaran Martin, interviewed by the BBC, there are three basic steps that businesses and individuals should implement to help protect against cyber threats.
- Strong passwords
- Multi-factor authentication
- Backup Data
The NCSC’s message reflects the advice that we at Orca, have consistently been giving our clients.
The importance of adopting strong password management strategies cannot be over-emphasised. It’s all too easy to use the same password for all of your systems, and if just one of your applications is compromised, this is a route for cyber criminals into all of your data. So make sure that you implement a password management system to ensure that you have a different, unguessable password for each system that you use.
Complementing password management is the adoption of a multi-factor authentication (MFA) strategy to make sure that you not only have different passwords, but there’s another layer of security applied to protect your systems.
Your business data is one of your biggest assets and you need to make sure that if the worst happens, you can return to the latest versions of your data. Bear in mind, that despite all precautions, it’s often human error that causes data loss. (According to a recent report, a staggering 90% of data breaches are caused by human error). It’s therefore vital to adopt rigorous backup processes. Automation of backup will make life easier and you should also ensure that the backed-up data is stored off-site to aid recovery if you should be unfortunate enough to lose your primary office location.
Cyber Security Discipline
Like so much in business, cyber security is a process. It’s important to ensure that all of your staff follows the process and this needs to be done consistently. For advice on best practice in data security, contact us