Cyber security is a daunting topic. Every week there’s a new big data breach, experts are constantly warning that “you’re next”, and the threat of fines and other disciplinary action under the GDPR (General Data Protection Regulation) lingers over all of us.
To help you understand how to address these issues, IT Governance Director Steve Watkins gave us his top five tips for staying secure.
1. Test and patch
Make sure your IT systems and solutions are up to date and protected by establishing a patch management programme to apply updates to your software and applications.
This should be paired with a technical security regime, in which you conduct vulnerability scans and penetration tests to look for weaknesses in your organisation.
2. Close the talent gap
Most organisations approach cyber security backwards: they spend their budget on technologies that can prevent cyber attacks and then ask staff to incorporate the technology into their processes.
They would be much better off focusing on staff awareness. A Ponemon Institute study found that the majority of data breaches are caused by human error, with employees committing basic mistakes (such as falling for phishing scams).
Organisations that enrol their staff on cyber security training courses will end up with more highly skilled employees who are unlikely to expose sensitive information.
3. Identify the gaps
Plan for what will happen when you suffer a security breach. This includes identifying what remedial steps need to be taken, who is responsible for each task and how you are going to communicate with employees, third parties and regulators.
Your plan should be the end product of a risk assessment, in which you identify which threats are most likely to occur and the damage that they will cause.
4. Implement best practices
Once you understand the threats facing your organisation, it’s time to mitigate them.
There are countless ways you can do this, but that doesn’t necessarily mean the process is complicated. With a little advice, an effective framework can be created based on common sense.
5. Maintain compliance
Keep up to date with changes and expectations from all interested parties and react in a timely and controlled manner.
According to the Ponemon Institute, 55% of IT professionals believe that top management should lead the company stance on information security and demonstrate a commitment to security throughout the organisation. Building and maintaining this ‘culture of security’ and ensuring that all staff are security aware is crucial to continuously repelling malicious intrusions and threats.
Prepare for the threats of tomorrow
You can find out more about these tips in our free webinar: The cyber security issue and how to overcome it. In this presentation, which takes place on Friday, 22 February at 11:00 am, host Steve Watkins explains his tips in detail, and advises you on the best ways to follow through with them.
You might also be interested in our cyber security self-assessment. This short questionnaire asks you about your defence measures and suggests ways for you to become more secure.