SPRING 2016 CYBER SECURITY ANYONE CAN BE A CYBER HERO Why its important every member of your team gets wise to online security attacks The majority of cyber breaches use the human factor. A big part of cyber safety is awareness of it among everyone in an organisation and its partners, including recognising: a suspicious email, phone call or odd activity around computers; knowing how to report it; and knowing who to alert. Its a chain of events owned by a senior person. IT sta are important team members, but they should not have ultimate responsibility. Prevention gets harder as we work over multiple devices, locations and partners, and the risks need to be understood and mitigated. The human factor is key to success. You may understand the risks, but does every member of your team? Everyone is a target The human factor is key to success. You may understand the risks, but does every member of your team? The tools of cyber crime are being turned into commodities and less skill is needed to use them. Physical crime may be diminishing, but cyber crime is growing. Smaller organisations may not attract the attention of highly skilled attackers, but identity theft, ransom, false payments and hijacking computers for use in bigger crimes is a still real risk. The business and personal consequences can be catastrophic. There are no borders to cyber crime the criminal can be next door or on the other side of the world. Cyber defence is not limited to a single department or person, and it should be in all procedures; good nancial controls can stop many common scams in their tracks. Many cyber attacks are a reworking of older scams made more potent through the use of technology. Small companies and individuals are at real risk because criminals are happy with a small return per target and deal with large volumes. The basics It can be complex for larger organisations to protect themselves, but for small and medium-size enterprises sensible safeguards can give a good level of protection. As a minimum: Allocate responsibility for cyber security to a senior manager or equivalent and include briengs in all senior meetings and to your teams and partners Implement recommendations from Cyber Essentials and, if appropriate, get the accreditation Educate everyone and have procedures, so they know what to do In addition, you can test your systems, simulate phishing attacks and run regular Q&A sessions to gain condence. You can purchase cyber insurance as a safety net in case things do go wrong, but eective insurance generally requires that you take reasonable precautions against attacks. FIND OUT MORE Some other useful resources are: l National Cyber Skills Centre: email info@cyberskillscentre.com or call 01684 585111 l Short articles about cyber security l Cyber security resources There is a cost to cyber security, but it doesnt have to be huge. There is an even bigger cost to ignoring it. Many organisations that are breached never recover. Credit: Dr Stephen Wright, general manager of the National Cyber Skills Centre Images: Sandro G / Shutterstock The costs can potentially be oset by using your commitment to cyber security as a business dierentiator. In the 1970s, car manufacturer Volvo used its marketing to make car safety a consumer choice before anyone else did, and it gave them a competitive edge!