The Best Defence Against Cyber Attack 

Written By Bethany Faithfull

What are the biggest cyber threats you and your business face? 

According to the UK National Cyber Security Centre (NCSC), the biggest threats faced by business and individuals in the UK are low-sophisticated cyber crime, such as phishing, compromised social media accounts though hacking, financial fraud, and the spread of malware. For these kinds of cyber attacks criminals do not require any specialist skills to perform them, and instead can use tools and services that are readily available on hacking forums or across the dark web

UK businesses are also at risk of ransomware attacks – a type of malware attack that results in file encryption or data theft with the user no longer able to access their files or even their whole computer, and the criminals demand a ransom payment to return access. Ransomware is often distributed through malicious websites, which could be linked to from emails or messages. These messages often display many of the same techniques used in phishing emails, for example claiming that it is a law enforcement action that has blocked the use of the computer and payment of a ‘fine’ will release it.  

 

What is the biggest cyber security asset you have in your business?  

All of these low sophisticated cyber attacks usually get into your systems through one unidentified weakness, such as missing software update on your computer, or a malicious email or link sent to your employees. But your employees should not be viewed as a security vulnerability, because if you ensure they are properly advised and educated, they can actually be your biggest cyber security asset. Having cyber-aware staff throughout all areas of your business can also ensure you don’t fall victim to attacks against software vulnerabilities, as it is your employees who may need to stay vigilant to ensure a restart is performed on their devices to install critical security patches to protect your devices. 

The best defence against attack is a well-educated team, that know how to avoid malicious websites, where to safely access software, and how to report a potential issue if they spot one. Reporting phishing messages and knowing how to react when an unexpected file is sent to them from a suspicious email address help to protect them and their personal data as much as it helps you, your network and devices, and your business, so everyone has a reason to be motivated to learn more about how to stay safe and secure online. 

 

How can you make use of this cyber security asset? 

Cyber security can be a tricky subject to approach, especially from a non-technical background. One of the things we like to do at Cool Waters is break down the barrier to understanding cyber security. We take cyber security topics, and present them in plain English, through our blogs on our websites, and through our bespoke staff training on Cyber Coach. This begins with the senior leadership, as a government study found earlier this year: “Qualitative data shows a similar set of issues to previous years that prevent boards from engaging more in cyber security, including a lack of knowledge, training and time.” 

Senior staff who do not lead by example and try to find workarounds instead of following the cyber security policies and practices in their workplace have a strong influence on their employees. If they see you avoiding and ignoring rules, they will too. They won’t consider cyber security important unless you do – and this can leave you, your business, and your personal data vulnerable to attack. Providing training to your staff to support them in this demonstrates that you value them and recognise their importance to your business. 

Cyber Coach Security Awareness Training can turn your team into a security asset rather than a security risk. Your staff are often the last line of defence against a cyber attack and can mean the difference between an attack failing or succeeding. Cyber Coach training can be customised to meet the unique needs of your business, with a range of modules and topics available including Compliance focused training to meet the annual training requirements or any standards you might hold or be working towards, such as Cyber Essentials, ISO 27001, or PCI-DSS. 

 

Get in touch to book a free consultation with our experts today, and find out how to turn your employees into your biggest cyber security asset.  

Bethany Faithfull
Previous

How Safe is LinkedIn? Be Aware What You Share 
Next

QR Codes Now Used in Phishing Attacks