With email being the largest single attack vector on the planet, keeping your organisation secure and productive is of utmost importance. So, what does that mean?
Cyber Strategy …
includes implementing technology and best practices to secure your infrastructure and prevent hackers from gaining access.
Cyber security …
is the state or process of protecting and recovering networks, devices, and programs from any type of cyberattack.
Cyber resilience …
is your firm’s ability to withstand, respond to, and recover from a cyber-attack or data breach. For obvious reasons, the cyber resilience of regulated firms of all sizes is a concern for the FCA.
Cyber resilience is an evolving perspective that is rapidly gaining recognition. The concept essentially brings the areas of information security, business continuity and resilience together. Resilience is more than just preventing or responding to an attack—it also takes into account the ability to operate during, and to adapt and recover, from such an event
So why is this important? Email attacks are on the rise, with the danger areas including:
- Internal email threats and data leaks from infected email attachments
- Phishing (the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers);
- Spoofing of business partners or vendors;
- Impersonation attack.
There are some basics that firms should adopt:
- Secure your Internet connection using a firewall;
- Secure your devices and software using the most secure settings and passwords;
- Control access to your data and services – staff accounts should have just enough access to software, settings, online services and device connectivity functions for them to perform their role. Permissions should only be given to those who need them;
- Use encryption;
- Protect from viruses and other malware (malicious software) – anti-malware is often included for free within popular operating systems. These should be used on all computers and laptops.
- Whitelisting can also be used to prevent users installing and running applications that may contain malware – the process involves an administrator creating a list of applications that are allowed to be installed. Any application not on the list will be blocked from being installed.
- Sandboxing – a sandboxed application is run in an isolated environment with very restricted access to the rest of the device and networks, ensuring files and other applications are kept beyond the reach of malware.
- Keep your devices and software up to date – manufacturers and developers release regular updates which not only add new features, but also fix any security vulnerabilities that have been discovered. Applying these updates (as process known as patching) is one of the most important things you can do to improve security – set to ‘automatically update’ wherever this is an option;
- Manage your third-party suppliers – ensure that cyber security and legal language are added to any contract with the right to audit – remember you cannot transfer the responsibility so robust due diligence is essential;
- Use good detection systems and establish an effective monitoring regime.