Tue, Dec 10, 2024

The official Financial Regulation Journal of SAIFM

Cyber resilience is central to risk management

Richard Rattue, MD of Compli-Serve SA

The rise in cybercrime, ranging from data breaches to identity theft, makes each of us vulnerable daily, as cyber criminals constantly seek to outsmart the protective measures in place. This is of particular importance in the current ‘work from home’ environment, as many people leave the relative protection of their work-based IT systems to use a home PC that may not be so well protected.

Cyber-criminals are clever, and if you don’t think anyone is watching you online, think again.

Cyber resilience is what every business (and now home office space) should strive for, and it’s a constant task to manage. Thinking your business will never be targeted is a very dangerous assumption to make. Any business is at risk; your contacts or clients could be appealing to a cyber-criminal, or perhaps you look like target practice. There is no distinction anymore as to who a cybercrime target might be.

Big businesses with many clients, or those in lucrative fields, might seem like more obvious targets, but it’s often through an individual or a smaller business that bigger cyber issues can rapidly unfold. That unsuspecting employee who clicks on the wrong email…

Businesses could be sitting ducks if they don’t get their ducks in a row

A cyber strategy and safe practice guidelines should become an essential component of your business defence plan. Protecting the business should be embedded within company culture, and that protection no longer consists only of physical safety measures, a good business plan and sound employees. A robust cyber strategy is essential too. Here are some considerations.

Release the robust routine

The trick to keeping your cyber resilience in pace with the risks is to update and routinely run virus scans and penetration tests, and to have clear procedures in place for employees. You should also look to take measures to restrict certain online access. This mindset should carry through to your personal life online as well.

RIP: The passing of passwords as we know them

Most cyber-attacks happen through passwords, be it a careless slip or a hacker watching your keystrokes via your webcam. There are ways and means to get access unless you put tight controls in place. Data has become the “new oil”, and cyber criminals will try anything to get to it.

Consider using multiple passwords, each one unique, while avoiding obvious combinations and changing passwords often. Use two-factor authentication or biometric measures (voice or fingerprint recognition are examples). You need to be thinking ahead, and smarter, to stay safe.

Learn to spot the signs

Being aware of what’s out there is an excellent defence mechanism, and you often have to play detective, taking your time rather than mindlessly clicking on something or opening an attachment. You will no doubt have seen a suspicious-looking email come into your inbox, but sometimes it can almost pass as real, and if you don’t scrutinise it, you could miss it.

Look out for the context too; an example might be receiving an invoice from a client you’ve already settled with, or from a company you haven’t interacted with in some time. Sharing these types of processes with your employees is necessary too.

There are multiple ways to manage your safety online and within your business. Making cyber security a key part of your compliance and risk strategy will keep things in check and make all the difference. Keep safe!
