“To err is human. Unfortunately, the lasting effects of a simple mistake in a digital world can be catastrophic.”
(IBM X-Force Threat Intelligence Index 2018)
Cyber security reports and surveys continue to find that, while sophisticated cyber attacks do happen, simple mistakes, errors of judgement and the exploitation of very basic security weaknesses are a bigger threat to most organisations. What do I mean by this? Examples from my own experience include the accidental deletion of a very large amount of company information during a hardware upgrade. And a dishonest individual who exploited poor password practices to bypass payment controls and steal a large amount of money from his employers.
Cyber security is an area that can be complex, technical, and expensive. And the marketing typically dwells on the worst-case outcomes if things go wrong. But it doesn’t have to be like that. The good news is that, while security can never be guaranteed, you can hugely reduce both the likelihood and the impact of a security incident with a small number of controls. And it won’t cost you a fortune – unlike a high-profile incident.
Keep it simple
- Make sure all IT users are aware of good security practice, especially how to use strong passwords and what to do when there is an incident
- Backup important information
- Ensure software is kept up-to-date
- Use firewalls to protect the network from the outside world
- Install and configure anti-malware software
- Encrypt sensitive information, especially on mobile devices
This approach to security is straightforward, affordable and effective. If you need a helping hand with any aspect of it, please get in touch.