All organisations that use IT systems should establish some basic security principles to protect their data and the data of their clients, not only for legal purposes such as GDPR or UK DPA, but also for client confidence and reputational reasons. Without Cyber security, your organisation could be crippled by Cyber attacks or malicious software.
Follow guidelines, deploy best practices and train staff in Cyber security awareness, improving Cyber security posture is key to keeping your assets safe, there is no real one size fits all product to improve but there is methods and steps to generally improve a company’s practices and resilience from Cyber-attacks.
The most important features to remember for corporate devices are a really easy word to remember BE SAFER; Backups – take regular backups of devices and files. Encryption – use strong Full disk Encryption, for the device or sensitive files, Services/Software- reduce them to only what you use and need, Antivirus – deploy an antivirus or antimalware software that scans regularly, keep it updated, Firewall – Turn them on and only allow explicit connections, Environment – Use device only in safe environments avoiding public Wi-Fi unless you have a VPN, Restrictions – restrict the devices usage to yourself and make sure accounts have passwords and lockdown actions that require privileges.
The cost of a Cyber attack is hard to gauge, it depends on the target the attacker goes for and what they use to get to their target, for example a ransomware attack that’s successful could disrupt your operations for weeks, a simple virus could only impact for a day, its vital to understand that no two attacks are the same. Also, how much are you willing to lose? Let’s not forget, if you are breached and the attacker gains access to personal information you could also be fined by the Information Commissioners Office (ICO)
A few top tips
Cloud security is where organisations utilise best practices, understand their cloud landscape and utilise tools and techniques to reduce their overall attack surface or detect attacks. Cloud is not far from traditional IT other than its not on your physical site, but it is on someone else’s. Securing it is just as vital.
Cloud security and cyber training can be complex and with most organisations busy doing well what they do, these things can become overlooked, turning them into big projects and even bigger culture changes. We have delivered multiple engagements to various sectors, contact us today to find out how we can help!
Copyright © 2023 RMG Cyber Consulting Ltd.