Photo by FLY:D on Unsplash
Chamber membership provides access to key information, expert advice and legal protection, enabling you to stay informed, legally compliant and free to focus on what you do best – building your business.
IT, SECURITY AND DIGITAL SECTOR UPDATES PASSWORD PROTECTION FOR BUSINESSES
PREPARING TO RESPOND TO A CYBER ATTACK
Last month (5 May) it was Password Protection Day. We’d like to further help businesses protect their data with these helpful tips. Firstly, always use strong passwords. These are passwords that contain at least eight characters or more. Every character you add, makes it harder for hackers, so, the more the better. Secondly, a mix of lower-case and upper-case letters is advisable. Thirdly, numbers and symbols are also encouraged and of course there should be no ties to your personal information. If your employees adopted such approaches when producing a password, your company will be in a much better position security wise.
It is not possible to allow for every scenario when it comes to cyber security incident response management, but having the right processes in place can alleviate some of the panic which often ensues during an incident. A well-prepared plan affords both management and staff the knowledge of how they should respond and what they should do when an attack happens.
In addition, password manager apps can be very useful and will store passwords for each of the services that you use. If, for whatever reason, some passwords cannot be stored in a password manager, then we would recommend using sentence-based passwords. These are far easier for the human mind to remember. Plus, longer passwords increase the difficulty level for hackers to breach your account. Lastly, never share your passwords with anyone. This leaves room for human error and could be devastating. Don’t reuse the same password and never write your passwords down. Whether this is in a book or a single piece of paper; if you lose it, it could fall into the wrong hands. Advice from Cambridge Support 10 connected
Part of effectively managing your teams response to a cyber incident, and preparing them for the real thing is conducting a number of ‘test runs’ in the form of table top exercises. These are pre-defined scenarios, simulating a cyber-attack or security related incident for the incident response team to work through. We strongly believe that creating simulated cyber-attack scenarios tailored to the organisation and based on real world attacks, latest techniques and tactics used by cyber criminals have the most benefit. So, how do we do this? During an initial workshop, we aim to determine what incident response processes and practices are already in place and what the organisation would like to achieve. This is followed up by some further research which can be pertinent to the types of scenarios the organisation will get the most benefit from. We then build scenarios tailored specifically to the organisation. These would be presented in the form of play books and would contain a thorough, fully developed exercise for the incident response team to follow.
