At The Defence Works, we’re well accustomed to working with organisations – large and small – to help protect themselves against cyber-attacks. That’s why, this week, we were asked by The Telegraph for our input in to their latest article: How small firms can protect themselves against cyberattacks.
There are some interesting comments from other organisations, including from Adam Philpott, EMEA president at McAfee, who highlighted that portable devices can often make organisations vulnerable, advising that the use of memory sticks should be limited, as well as encouraging staff to avoid interacting with unknown sources and implementing privacy settings across social media.
Our MD, Eddie Whittingham, provided his insight, including highlighting the ongoing risks of phishing emails and the need for employees to remain alert. With the vast majority of cyber-attacks involving human error, Whittingham explained:
“Business think that it costs too much [to implement cyber-security measures], but it doesn’t need to.
One key takeaway mentioned in the article, is Whittingham’s view that businesses shouldn’t be intimidated by cybercrime:
It’s just the evolution of crime and not that different to what I saw during my time with the police – combating it is just about locking the virtual doors and windows.
You can read the full article here: https://www.telegraph.co.uk/connect/small-business/business-solutions/how-firms-can-protect-against-cyberattacks/
Our top tips for protecting yourself and your business against cyber security:
- Ensure you keep you software up to date, as updates often contain vital security updates to secure the software
- Implement security awareness training with your employees to help them increase both their own personal security, but also helping to significantly reduce your organisation’s risk
- Ensure cyber-security is a regular topic for discussion at board level
- Implement simulated phishing exercises with your employees (the vast majority of attacks still occur via phishing emails, so it is a good way to identify any areas requiring additional training or support)
- Demand information from suppliers and partners about their cyber-security measures and consider any obvious weaknesses as a back-door into your own organisation
- Aim for continuous improvement in security, rather than annual reviews or upgrades, as cyber-crime evolves quickly – make it part of the culture of your business.