With the sophistication and scale of cyber attacks increasing, taking a layered approach to security has never been more important – both from a consumer and a business point of view.
In the previous post we covered the importance of getting the basics in place and having early awareness of a potential hack. Here we take a practical look at what businesses and consumers can do to help minimize their risks.
What can organisations do to help prevent or mitigate a hack?
A complete security operations framework is required to continuously prevent and mitigate the impacts of a breach. Some key ingredients to a successful approach include:
Understanding your risk – conduct an annual risk insight to understand the current risk exposure and to keep the board engaged with cyber risk.
Secure configuration – keep hardware and software protections up to date. Stay on top of basic protection and use multi-factor authentication for critical business systems.
Educate and train employees – ensure they know company policies and incident response processes.
Incident response – establish, produce and routinely test and communicate incident management plans.
Monitoring – continuously monitor all systems and associated logs to spot potential attacks and minimise risk.
What can consumers do to safeguard themselves?
We increasingly rely on online systems for our day-to-day activities, and trust the organisations we use to safeguard information. However, as we are repeatedly seeing, cyber attacks are becoming more prevalent. As a result, diligence is required when online:
Never hand out personal or financial details to those sending emails asking for them, even if they look genuine (known as ‘phishing’)
Never log in to your account by clicking a link from an email – always go directly to the website using the correct address (URL)
Avoid unknown websites – check the spelling of the URL and check websites are secure by looking for the https prefix to URLs
Online payments – look out for a padlock symbol in the browser or use a known safe payment system – keep a close eye on your bank statements for suspicious activity.
Make sure you access shopping or banking sites from secure devices only and over secure connections – and only download shopping apps from reputable or official sites
Good password hygiene – ensure you use different passwords for different accounts, change them regularly and don’t write them down!
Yahoo says "state-sponsored" hackers stole data on about 500 million users in what could be the largest publicly disclosed cyber-breach in history. The breach included swathes of personal information, including names and emails, as well as "unencrypted security questions and answers". The hack took place in 2014 but has only now been made public.