Are you concerned by ransomware being headline news?
Are you confused about Cyber Security?
Do you think Cyber Security is only a concern for big businesses?
I have Antivirus I don’t need anything else to protect me?
It is often a misconception that Cyber Security is just another IT problem, the truth is Cyber Security is an addition to IT. Users need to be educated on spotting the signs of phishing, using the same password on multiple accounts, sharing to much online etc. There are technical measures that businesses of all sizes can put in place but the human factor can never be ignored. The importance of educating users about Cyber Security cannot be underestimated.
The recent headline grabbing ransomware attacks which affected the NHS and TNT, have ultimately been started by an end user being tricked into opening an attachment or clicking on a link in an email. With some effective training and knowledge sharing the effect of these attacks could have been reduced.
In the UK we are lucky to have an active Cyber Security Community which is now being led by the National Cyber Security Centre a part of GCHQ. The NCSC are the leading the way forward with 2 schemes to promote Cyber Security best practice, ‘Cyber Essentials’ and ‘10 Steps to Cyber Security’.
Both Schemes outline 5 basic measures that can be put in place to reduce the risk from a Cyber Attack.
1. Boundary firewalls and internet gateways – these are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices either in hardware or software form is important for them to be fully effective.
2. Secure configuration – ensuring that systems are configured in the most secure way for the needs of the organisation
3. Access control – Ensuring only those who should have access to systems to have access and at the appropriate level.
4. Malware protection – ensuring that virus and malware protection is installed and is it up to date
5. Patch management – ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor been applied.
The truth is Cyber Security is a concern for all of us, but by applying common sense and some best practices the risk can be reduced by up to 85%. No matter how small or large a business is Cyber Security should now become embedded into your business and no longer a subject to be ignored.