Following Tuesday’s announcement by the UK Government that Islamic State is plotting cyber attacks targeted at bringing down the infrastructure of the country, the government has renewed its calls for companies to protect themselves against cyber attacks.
Now is the time for business owners to ask the following eight basic questions that are fundamental to warding off the majority of Internet-based threats:
- Do we have up-to-date firewalls, antivirus and malware protection software on all of our Internet-connected devices?
- Do we (including our employees) use strong, unique and diverse passwords?
- Do we regularly audit and update our user-access privileges?
- Do we have an effective configuration management system and process?
- Are we using any unlicensed software?
- Do we update our software as soon as a new version is available?
- Have all of our employees recently received basic security awareness training about phishing and other cyber threats?
- Do we regularly conduct vulnerability assessments of our websites, applications and networks?
Solutions to the problems highlighted by the above questions are not difficult or costly to implement, and should already be part of the basic cyber security regime of any security-conscious business. The problem is that all too often certain processes get neglected; companies fail to update their software, or they use outdated programs that are riddled with vulnerabilities, creating an open target for attackers to launch automated attacks.
The above eight questions reflect the Cyber Essentials scheme, a low-cost cyber security framework that enables UK businesses to implement five basic controls that can protect them against common cyber threats.
From as little as £300, businesses can get secure against 80% of cyber threats by going through the Cyber Essentials certification process.
To find out how to get started, download the introductory guide now.