With the internet, smartphones, computers and other devices so ingrained in our daily lives, protecting ourselves and raising awareness is critical, especially given how dependent we are on them for private communication, app usage, banking, online shopping and much more.
With cyber attacks in constant circulation, it’s vital to take steps to prevent cyber criminals from accessing your accounts, devices and personal data.
As a result, we’ve compiled our top tips for protecting yourself and others online.
- Don’t click!
Don’t click links in emails; always go directly to the official website. If asked to reset your password, try logging in on the official website first.
- Trust no one
It might sound cynical; however, in 2022, 83% of UK organisations reported phishing incidents, with 27% of those reporting further internal impersonation attacks following successful phishing account compromise. Always question the authenticity of emails, even those sent internally.
- Backup, Backup and Backup
Always ensure your data is backed up; this is your last line of defence against ransomware. The National Cyber Security Centre advises following the 3-2-1 rule: 3 backups, 2 local but on different media and 1 offsite.
- Passwords NOT Password
Using a strong password is essential, but it is also critical that all passwords be unique and not reused across different logins. The National Cyber Security Centre recommends the use of complex passwords made up of at least 3 memorable words separated by special characters and including numbers.
A good cloud-based antivirus with ransomware protection and a browser extension is critical to minimising the risk of opening attachments and to slowing or preventing lateral movement within the network.
In 2022, fines totalling £40 million were issued to UK organisations by the ICO. Some of these fines could have been avoided had devices been encrypted with tools such as BitLocker, ensuring no data could be compromised.
- Don’t delay, patch today
We all know how inconvenient updates can be; however, poorly updated computers are targets. In 2022, 66% of all malware exploited unpatched vulnerabilities.
- Knowledge is power
Ensure regular cyber awareness training is completed by all staff; knowing the difference between phishing, spear phishing, whaling and smishing is essential now more than ever. It is also often a requirement of cyber insurance.
Only 23% of organisations in the UK have a cyber security strategy and incident response plan. Many insurers now require this as a condition of cyber cover. Having a documented strategy and response plan can help reduce the chance of an attack spreading and potentially leading to data loss, ransom or fines.
- Get certified
Cyber Essentials and Cyber Essentials Plus are an excellent way to establish security standards within your organisation. As of December 2022, only 6% of UK organisations have Cyber Essentials and only 1% have Cyber Essentials Plus. Becoming certified is not only an important step in securing your organisation, it will also make you stand out.