Have a plan for cyber security
Imagine building a house with five doors. One door has three locks, two have one lock and the others no locks at all. Why even bother to have one door with three locks? Unless you’re sure all thieves will only try one door, you’re spending money in the wrong way. Make sure all five doors have one lock. For our complex, modern-day IT environments, this means having a decent plan. This should consist of a baseline, policy, procedures and a plan/ do/ check/ act cycle in place. So yes, audits too.
Acknowledging cyber security is yours to defend
The receptionist is one of the first lines of defence in security. This person should ask anyone asking for information ‘why?’ and also verify the background and intentions of the caller. Make everyone part of the cyber security defence. People should ask for less access rather than more to do their job. Instead of thinking about what makes their life easier right away, your staff should be questioning if what they do contributes to keeping customers, data and services safe. Just like locking the door every time you leave the house, security should become part of everyone’s behaviour.
Prepare for the worst, hope for the best
I’m a big fan of one-liners – I hope there aren’t too many in this blog. This one, however, must be included. It’s about being prepared when the visualisation from the start of the blog happens. Put yourself back in that situation and imagine losing control of all your systems again, but this time knowing exactly what to do. That’s better, isn’t it?
Business continuity planning and disaster recovery prep should be fun and not just something we do because our legal team or certification institute demands it. As for hoping for the best? Well, we can always hope nothing bad happens. Prevention and preparation just make hoping a little less important.
Wrapping things up, I can imagine you’re thinking about how busy you already are, running a business or department. Plus, daily operations already cost a lot. How will you find time and budget to follow my advice?
Well, the question you need to consider is: what happens if you don’t? My personal view is that, in 20 years, the companies that take cyber security seriously today will still exist. The ones that don’t take it seriously won’t.
Don’t lose sight of cyber security fundamentals. Keep educating yourself and your teammates. Educate your staff: from the intern to the CEO, they all play a role in keeping your organisation safe.
Learn more about Ekco's security services here. If you have any queries or concerns, our teams are always here to chat. It all starts with a conversation – get in touch with us today.