Good cyber security facilitates better cyber resilience; the ability of an organisation to protect itself from, respond to, and recover from a cyber attack, data breach, or service outage.
A recent report by the communications regulator Ofcom has revealed the sale of online fraud with some shocking statistics:
- Nearly 43 million UK adult internet users have encountered suspected scams online
- Among victims who lost money, one in five were left over £1,000 out of pocket
- Around nine in ten online adults in the UK (87%) have come across content they suspected to be a scam or fraud
Whilst this report does not isolate the figures for business communications the risks are clear. Most businesses will have protective firewalls and procedures in place. Still, fraudsters can be very convincing in their communications that no amount of tech can guard against if humans allow themselves to be tricked into downloading malware or clicking links.
The National Cyber Security Centre (NCSC) provides cyber security guidance and support helping to make the UK the safest place to live and work online. In March 2023 they launched their board-level cyber security toolkit that can be downloaded and provide a range of resources designed to help board members govern cyber risk more effectively. It has also recently promoted a free Cyber Action plan that smaller businesses can download.
Each team member has a role to play in making sure that there is the right level of assurance in the business, but the ultimate accountability to the shareholders is with the board.
In addition to utilising the above tools, organisations can also gain a recognised accreditation called Cyber Essentials which has many benefits. Link ICT Services is proud to have achieved Cyber Essentials Certification and our team of experts is able to support customers in achieving their own certification.
Becoming ‘Cybersmart’ requires spending time reviewing digital routines to stay vigilant and protected online. Here is a basic cybersecurity checklist:
|Logins & Passwords||All of my logins and password are unique for each account.
Protect your accounts by using different and individual passwords for each of your accounts to defend against those trying to hack into these accounts.
|All my passwords are strong and complex. Most accounts will tell you how strong your password is but if not, it is always good to use a mixture of letters, numbers and special characters.
|I am regularly changing my passwords. Not all accounts ask you to update your password after so long. Therefore, it may be good to change up your algorithm and change it to something completely different. This adds that extra layer of protection.|
|Multi-Factor Authentication (MFA)||I am using Multi-Factor Authentication (MFA). Many organisations and accounts are now making MFA mandatory to use certain systems as it adds an additional layer of protection to prove that you are you and you are the correct person accessing your account. This could be a code that is sent to your email, a text to your mobile, or a fingerprint or face recognition.|
|Software Updates||I check my devices for updates often. Having the most up-to-date operating system helps to have the best security features on your device, keeping away those potential cyber threats. If updates are no longer available for your hardware it may be time to upgrade them.|
|Data Sharing||Only set up accounts for services you will use regularly and if you are sharing data ensure it is encrypted and that you have GDPR consent.|
|Email/Phishing||I am always being vigilant with my emails. Always be vigilant when receiving messages or browsing websites. It might be that what you are seeing is what not it appears to be. Always check requests verbally if you are unsure.|
Taking cyber security seriously builds trust and confidence with customers and shareholders, particularly at a time when risks and threats are becoming increasingly complex in customer supply chains. If we can help guide your strategy please get in touch.