1 Jul 2021

Cybersecurity best practice for organisations

Cybersecurity is business-critical. The impact of a data breach can be immense: costing you both reputational damage and lost business. Looking to achieve cybersecurity best practice? Discover these 5 top tips from established expert Paul Overton. 

Paul-Overton1.png
Paul Overton, Director, Trusted Cyber Solutions
In this blog, I'll be looking at five key areas to focus on if you want to achieve cybersecurity best practice. 

1. Think Confidentiality, Integrity and Availability

Within cybersecurity, "CIA" stands for Confidentiality, Integrity, and Availability. This is a security model developed to help people with the key principles of cybersecurity and data protection. I believe understanding and putting these key principles into practice is vital to achieving cybersecurity best practice.

  • Confidentiality
    Who can access the data?
  • Integrity
    Where is the data, and who can edit it?
  • Availability
    When is the data accessible?

Confidentiality and integrity are well-known, but availability is often forgotten. These three aspects work hand in hand to keep your systems secure and user-friendly.

Group-3.png

 

2. Understand the value of your data

All data has value. Some data may not seem particularly important right now, but this might be different for a hacker. Being proactive about cybersecurity means understanding the value of your data.

What makes data valuable? Consider the following:

  • Resale/IP value
  • The cost of reacquisition should the data be destroyed
  • The cost to your reputation of any data loss or exposure
  • The cost incurred due to business downtime

Costs of a data breach shouldn’t be underestimated; If your business lost personally identifiable data, you could face fines up to 4% of your annual turnover.

3. People: Your biggest vulnerability

Human error is a natural point of vulnerability in any organisation. To mitigate risks, encourage cybersecurity training for your staff and make sure appropriate policies are in place. This is particularly important for teams that are working remotely.

The most appropriate place to store this information is in your employee contracts - however, we understand that this might not be attainable short-term.

For a quick win, make sure to distribute a remote working policy and set up online training sessions if there are immediate cybersecurity challenges that need to be addressed. 

data-systems.png

 

4. Protect your systems and websites

It's important to be ever-evolving in your approach to cybersecurity. After all, one thing hackers have that you don't is time. So, although being one step ahead is virtually impossible, you can be proactive about protecting your systems should a breach or attack occur. 

Having a Coding Standards policy, and a set of processes everyone follows is imperative to this. Followed up with good quality control, you have a solid set of processes to fall back on.

Pixl8 recognises that lockdown has resulted in hackers having more time on their hands. However, we see no evidence of any security or data breaches with our own sites - we're being proactive to ensure site code is as up to date and secure as possible. 

5. Approach remote working proactively

Remote working presents a whole new set of cybersecurity challenges. To ensure data remains secure whilst your staff work from home, put appropriate policies and place and communicate them across your team.

remote.png

 

Consider that remote workers in different countries can pose a problem for companies handling sensitive data; there are legal implications once data leaves a geographic area. 

For video conferences or remote training, use passwords and waiting rooms to ensure only authorised users are allowed into your meetings or events.

If you are looking for cybersecurity guidance ...

... take a look at how we could work with you. Trusted Cyber Solutions, a Pixl8 Group company, offers comprehensive and expert consultancy from information security professionals.

Find out more

To recap

If you want to achieve cybersecurity best practice, you need a good handle on the basics, and to take a proactive approach. As I mentioned earlier, the one thing hackers have on their hands which you don’t is time

If you want to mitigate the potential risk of a cyber attack or data breach, you should be taking steps at all levels of your organisation to prevent data leakage, train staff, and handle personal or sensitive data with care. 

Paul-Overton1.png

 

Get in touch

If you are interested in how I can potentially help you, your teams and organisation, I’d love to hear from you.  


Related topics