Essential tips for cyber security from Innovate UK
Guest blog, written by Innovate UK on 15/06/2018
Every year, cyber crime is costing UK businesses around £30 billion, and this figure is on the rise. So, it’s time to start taking the issue seriously. With many people still in the dark about how to go about protecting their business, we’re here to help! So to ensure your business isn’t killed off by cyber crime, here are some essential tips for cyber security.
Identify all possible threats
'Cyber Risk Reviews must consider IT in your facilities such as AirCon, Lifts, Doors, Alarms & CCTV not just networks' – Cevn Vibert, Industrial Cyber Security Advisory Director at Vibert Solutions.
Before you take any further action, work out how secure you are currently. The best way to do this? Run a cyber security audit, like a penetration test. This will not only help you understand where you are now, but will also identify any potential threats. Here are some basic tips to help you stay secure:
- Be aware of the latest cyber security threats. If you know what you’re up against, it makes potential problems exponentially easier to deal with.
- Keep your systems up to date (the latest software often contains security fixes).
- Back up all your data. It sounds so simple, but you'd be surprised how many companies don't have adaquate backup provisions.
- Keep smartphones and tablets protected. With mobile and remote working so prevalent, your business can just as easily be compromised by your phone as by your work desktop.
But while the obvious threats are important to tackle, sometimes you need to think outside the box - as cyber breaches can come from unexpected sources. For example, if your employees are using home devices at work (BYOD), these could be infected. It’s important to consider every possibility to make sure you’re protected against an attack: from cookie theft to key logging, the list of threats can seem endless. With the world of cyber crime always evolving, don’t give hackers any weaknesses to take advantage of.
Make cyber security a business priority
'Don’t wait for an incident to occur, act now to protect the network and assets within it. Failure to do so can have significant impacts financially and impact the reputation of an organisation to a degree which they may not recover from' – Dan Driver, Head of Perception at Chemring Technology Solutions
Once the risk assessment is out of the way, it’s time to put together your security plan. Every employee should be informed of this plan! Let them know they play a vital role in keeping your business safe, as anyone who’s not on board could jeopardise the entire process. Outside contractors and suppliers should also be compliant with your policy. Sharing data with third parties carries many risks, so be extra diligent here.
It sounds obvious, but be careful when it comes to passwords. Remind employees that passwords should:
- Be difficult to guess.
- Be never written down or stored anywhere other than a password manager.
- Be able to be reset safely and easily.
Even after you put your security plan in place, keep monitoring everything. Any awareness of unusual activity will help you safeguard against it.
Leverage existing schemes
Don’t know where to start? There are plenty of solutions and schemes out there to help you stay protected from cyber crime. For example, the government-backed Cyber Essentials scheme could prevent up to 80% of cyber attacks if used correctly. There’s plenty more where that came from! Other solutions can test your organisation’s vulnerabilities and help you act accordingly. So, while cyber crime is a daunting topic, there’s plenty out there to help you stay protected from breaches.
Assume you'll be hacked
'Prepare and test a plan to identify, communicate and recover to ensure you can rapidly resume business with limited impact' – Sam Smith, Head of Digital Risk and Security at Cadent Gas Ltd. Remember, when it comes to cyber crime, everyone’s a target. No business is immune. So, ensure you’re prepared for all eventualities by building a strong strategic approach that covers everything, including keeping customer data safe and backing up systems. Be proactive at all times! This way, you’ll give your business the best chance of staying safe from an attack.
Interested in picking up some more essential business tips? Follow Innovate UK on Twitter or subscribe to our YouTube channel.
ISO 27001 and 9001 certified
Tigerscheme qualified testers
PCI DSS v3.2 Level 1
24/7 on-site Security
Get a quote today
If you’re interested in our services, get a free, no obligation quote today by filling out the form below.