October was National Cybersecurity Awareness Month. Throughout the month I posted tips every day and this blog is the final part of the knowledge shared (Days 21-31).
It's really important that you know how you'll respond to a CyberAttack. Your 1st hour actions make a huge difference and should be clear for all in your Cyber Response Plan.
Nobody gets in to trouble for being hacked - they get in to trouble for how they react to it! Make sure your cyber response plan is defined, shared and tested.
Encryption of any device is encouraged as best parctice and under GDPR it is advisable to reduce your reporting responsibilities. This is a great artice which discusses how you encrypt all your devices:
It's a misconception that CyberSecurity requires a huge financial investment.
Create cybersecurity policies and procedures, restrict admin/access privileges, enable multi-factor authentication and train employees to spot malicious emails.
It's absolutely vital that you have GOOD antivirus running on all your machines, please spend good money on this or you'll end up paying in the long run. Note that this advice is just as relevant to macOS as it is to Windows.
You can find out if your details have been involved in any databreach by entering your email address at the website have I beem pwned?
How do you manage countless complex unique passwords across multiple devices? Personally I use LastPass Premium which I love have a look here:
*YOU* are attractive to cyber criminals. If you have any money, data (usernames, passwords, documents, emails) or a job, you’re going to be targeted. It’s not personal, most attacks are automated. Please don't think it won't happen to you!
Always think before you plug anything into your computer. Never use a USB whose source you don’t know - It can be infected with malware that can even resist formatting. Curiosity can be very costly!
Your phone is smart, but is it secure?
Use your screen lock. Use encryption. Turn off Wi-Fi and Bluetooth when not in use. Install antivirus if you use an Android phones. Check permissions before installing apps & Back-up your data!
Delete any unused mobile apps – they're vulnerabilities for security and privacy. Revoke permissions for apps that require access to sensitive info– e.g. why would a torch app need access to your messages? And keep your apps updated.
I hope that these daily tips have helped you.
If you want to know more you can book me to deliver a keynote for your event or run a CyberSecurity training session for your staff or your board.
Cyber security awareness is obviosuly a 24x7 requirement and not jsut something that applies in October!