Busting the myths around cyber

Matthew Clark, cyber director, Partners&
If I had a penny for every business owner I’ve met who said that they weren’t a target of cyber criminal activity, I’d be very wealthy indeed. The fact is, we’re all targets, and that’s not scare mongering – it’s a fact. If you have a phone, a computer, a gaming system or all of the above, you are a potential target. And, the recent news that the government has given data centres critical national infrastructure designation highlights just how digitally dependent we have become.
The old adage “prevention is better than cure” is as relevant today as it was when Erasmus coined it in the 16th century!
People
There is no such thing as being 100% secure from any risk. However, one way to reduce your risk of becoming a victim of cyber crime is to educate your team on what to look out for. If they are pre-warned, they know how to recognise a potential attack and defend themselves against it. Whether you are at work or at home, the advice is the same:
Use a strong password – three distinct words in additional to numbers and various characters
Use multifactor identification – usually a two-step process to double check your identity
Consider a password manager – with so many different passwords needed today, avoid writing them onto a post-it note and keep them secure by using a password manager
Keep your device software updated – it’s easy to ignore the software updates, but they are critical
Be circumspect about what you download – from videos, apps, emails – they all have the potential to carry malware into your systems
Call it out – encourage your people to let you or your IT team know if something is suspicious. More often than not, it will be!
The National Cyber Security Centre has a great infographic to share with your teams Stay-safe-online-top-tips-for-staff-infographic (ncsc.gov.uk)
Pitfalls
It won’t happen to me…the criminals are after large corporates, not my business…we outsource our IT so I’m covered…These are some of the comments we often hear from clients. As we’re seeing more and more in the news, those are myths that are simply not true. Every business today faces the risk. In fact, according to insurer, Aviva, businesses are 67% more likely to be a victim of a cyber incident than a physical theft and five times as likely to experience a cyber attack as a fire (Aviva).
Our advice to clients is, avoid the common pitfalls and myths around cyber and prepare for a cyber incident in the same way you would to a fire or a flood. Understand the risks, put measures in place to protect against the risk and determine how you would cover any financial loss associated with the risk occurring. The NCSC has great information to get you to start thinking about a cyber action plan Small & medium sized organisations – NCSC.GOV.UK
Large organisations – NCSC.GOV.UK
Protection
Do you have a cyber security plan in place? Have you considered what would happen if you had an attack? Would you know what to do first? Speaking with a cyber risk expert would be a great first step. They will assess your situation, identify what protection measures you can put in place and even walk you through a potential attack, so that you how to respond when an event does take place.
The likelihood of a business being the victim of cyber criminal activity is high and the financial implications are significant. Educating your people, avoiding the pitfalls and putting the right protections in place are all positive steps you can take to keep your business thriving.
Cyber Aware – NCSC.GOV.UK