As cyberthreats advance, so too must workforce cyber defences to avoid making what are often preventable and costly mistakes.
Cybersecurity measures in the workplace never grind to a halt, in that employees and employers must always strive to ensure that their skills and systems are as advanced, if not more so, than those wielded by people with malicious intent.
A lot of cybersecurity is arguably common sense – don’t click suspicious links, don’t share sensitive information and so on – but it doesn’t hurt to have a refresher course now and then to keep it all fresh in the mind. To that point, here are some of the most helpful tips to follow if you want to improve or maintain your company’s cybersecurity efforts.
Silo your systems
This one is specifically for anyone who works from home. It goes without saying that we feel comfortable in our own properties and have tried and tested ways of doing things. But there is such a thing as being too comfortable and employees may forget that their systems should never overlap with the organisations.
If you are using company software, keep all activity tied to the workplace. That is to say, don’t download anything not approved by the organisation, or anything you are using in a personal capacity.
Furthermore, if you move around and work between locations – for example at home, a cafe, a work hub – do your due diligence first and ensure that the network you are using is secure. This can be easier said than done, as using public Wi-Fi in general can be risky. With that in mind, shared office spaces and hubs tend to be a more secure option. If you are using what could be a potentially non-secure network in a public place, always use a VPN as an added layer of protection.
Get AI ready
Advancements in technology unfortunately bring risk. AI has unlimited potential and it is certainly the way forward for a lot of organisations looking to advance, scale and grow, but as we have seen recently, it also presents significant risk, as threat actors can use it to launch highly sophisticated scams. The companies and employees that are serious about avoiding and navigating threats are the ones that will adopt AI upskilling as a core aspect of the organisation – not just as a once a year box-ticking exercise.
Useful skills to consider include an understanding of AI and ML models, data science for cyber defence, AI-specific threats and broad digital literacy. You can’t defend against a threat that you don’t understand and if your organisation has knowledge gaps, then you are automatically in a weak position. So make sure everyone on a system understands the ins and outs of how it works and how to keep it secure.
Simple simply isn’t good enough
We have all picked a password because it was simple and easy to remember, making our own lives simpler and easier, in theory. But when you choose an obvious password, or take shortcuts online, it can expose you to malicious people who can easily bypass the protections you put in place.
That doesn’t mean that every password has to be 80 characters long, or so obscure that you yourself can’t recall it without physically writing it down. But it should be something with a diverse set of characters, that someone else couldn’t guess. For example, avoid using easily obtained information like the names of pets, loved ones, birthdays or other significant dates. Implementing multifactor authentication adds another critical layer and biometric verification tools, such as fingerprint or facial recognition software, can also be useful.
Stay current
It is important to note that all of the above is effectively useless if you are operating off of a system that is old or is not updated frequently. In the same way that innovators are constantly coming up with new ways to enhance a system, bad actors are also constantly coming up with ways to break and exploit weaknesses in systems. If you don’t regularly update your devices then you are basically holding a door open for threat actors and welcoming them in.
If your approved system or device is due an update or if there is a trustworthy patch to be applied, don’t put it on the long finger. The longer you leave an update the more vulnerable you leave yourself, your co-workers and the organisation. So, don’t leave it on the to-do list for too long.
When it comes down to it, cybersecurity measures are arguably the most important policies in place at a company. When they are breached or weakened, either accidentally, or on purpose, there is no one in an organisation that won’t feel the impact. Externally, it also places the consumers and partners of a business at risk. Especially financially, or if that business deals with complex or sensitive information.
So we all have to do our bit to ensure practical, robust and consistent cybersecurity engagement.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
You must be logged in to post a comment Login