It’s the first week of 2023 and you’re back at work and feeling rejuvenated, right? Can you say the same for your computer software, devices and systems?
After business closure periods such as the Christmas holidays, Easter and bank holiday weekends, we power up our devices without giving their health or security a second thought. It’s very common that cybercriminals will look to take advantage in times like these to strike, aiming to go unnoticed until you return to the office or until your systems are restarted.
This poses a serious threat to your business as you can't defend against something you don’t know exists. To help you tackle the threat before it wreaks havoc in your systems and on your devices, we've created a Cyber Workout Plan for 2022 to keep your business fit and ready to tackle any cyber security challenge!
The Cyber Workout Plan comprises 12 mini workouts for your business to complete so you can tackle any threats that may have arisen during the festive break.
Ensure any passwords you create and use are complex, random, and secure! 64% of individuals reuse passwords over multiple accounts, and in 2021, compromised credentials accounted for 20% of all data breaches!
Keep your software up to date! During the winter break, your company devices may need a software update - enabling auto-updates to ensure your technologies have the latest security defences and resolve any potential bug issues.
When did you last test your Cyber Incident Response plan? Ensuring you have a solid and up-to-date ,Cyber Incident Response Plan can minimise the fallout in the event of an attack or breach. Hopefully, you won’t ever need to use it, but it is fundamental to implement!
2023 is the year to take control of your cyber health! Whether your business is starting on its cyber security journey, or you would like some peace of mind knowing that your internal capacities are operating as they should be, a cyber security health check is the optimal way to help get you going.
Strengthen your human firewall! One of the most effective ways you can strengthen your workforce is through regular ,Security Awareness Training. Businesses can see a 70% reduction in socially engineered cyber threats when effective cyber awareness training is implemented.
A Network Vulnerability Assessment tests your IT system configuration using the same techniques used by hackers to ensure your company is not wide open to a cyber attack.
We can scan and review your internal networks and systems looking for weaknesses such as poorly maintained or designed systems, insecure Wi-Fi networks, insecure access controls, or opportunities to access and steal sensitive data.
If you've never had a Vulnerability Assessment, make a note to get tested in 2023. Our focus with a ,Network Vulnerability Assessment is to identify weaknesses that might compromise your network. With a plain language report, we can share with you our results alongside simple instructions on how any vulnerabilities might be fixed.
All businesses, regardless of size and type, should take regular backups of their important data. Start 2023 with a new backup routine, making sure that your backups are tested so you are confident they can be restored.
Ransomware (and other malware) can often move to attached storage automatically, which means any such backup could also be infected, leaving you with no backup to recover from.
To help keep your files and data safe, you should secure digital backups with a password or encryption and keep them isolated from your network. By doing this, you're ensuring your business can still function following the impact of flood, fire, physical damage, or theft. If you have backups of your data that you can quickly recover, you can't be blackmailed by ransomware attacks.
Phishing scams are becoming harder to spot, poor grammar and spelling and low-quality versions of recognisable logos are common signs of Phishing attacks. Other things to look out for include checking the sender's email address to see if it looks legitimate or whether a company logo has been manipulated to look legitimate.
By training your employees on what a phishing attack looks like, they are more likely to identify and report scams. Our ,Simulated Phishing Exercise gives you a continuous simulation and training to understand the latest attack techniques, recognise when something looks wrong, and help you stop fraud, data loss and brand damage in its tracks.
New regulations (such as GDPR) as well as high-profile media coverage on the impact of cyber incidents have raised the expectations of partners, shareholders, customers, and the wider public.
Quite simply, organisations - and board members especially - have to get to grips with cyber security. If you are not regularly talking about cyber security at your board meetings, you must start.
The National Cyber Security Centre has produced a ,Board Toolkit to help encourage essential discussions about cyber security to take place between the Board and their technical experts.
Every business will follow the First Aid or Fire Alarm procedure, so why is cyber security any different?
There are several policies that businesses need to adopt, they include a Bring Your Own Device Policy, Social Media policies and Risk Management/Incident Response policies.
Members of the Cyber Resilience Centre can take advantage of our ,Cyber Security Policy Templates that will help you to identify the gaps within your business. Membership starts from £500, ,learn more today.
Cybercriminals target supply chains as a means of reaching the broadest possible audience with their malware. Identifying and compromising one strategically important element is an efficient use of resources and may result in a significant number of infections.
It’s often perceived that small businesses are not big enough to be hit by a supply chain attack, however, it is not about how many people work for you or how many office locations you have. A supply chain attack can be carried out through the systems that you use.
To help you secure your supply chain, you should ensure that your suppliers regularly conduct security audits or have security certifications and put this within your contract with them.
Cyber Essentials is an effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.
The National Cyber Security Centre recently announced they are running a ,funded Cyber Essentials programme which will help small and micro businesses to implement baseline security controls and prevent the most common types of cyber-attacks.
Qualifying organisations will receive around 20 hours of remote support with a Cyber Essentials Assessor. To qualify for this scheme, an organisation must either be:
The North West Cyber Resilience Centre works with businesses, small or large to help reduce cyber-related risks and vulnerabilities and enable companies to follow cyber best practices to avoid these incidents.
To help you to guard your business against cyber-attacks in the way you would protect your premises against fire and flood, we offer a ,free membership package. Membership is hassle-free and, doesn’t commit you to anything that you’ll later be charged for. There are options to upgrade your membership to utilise our ,cyber services, but these upgrades are not compulsory – the crux of the offer is free.
Click to Open Code Editor