After business closure periods such as the Christmas holidays we all power up our devices without giving their health or security a second thought. At Christmas and when offices are closed for long weekends, it’s very common that cybercriminals will look to take advantage in times like these to strike, aiming to go unnoticed until you return to the office or until your systems are restarted.
This poses a serious threat to your business as you can't defend against something you don’t know exists. To help you tackle the threat before it wreaks havoc in your systems and on your devices, we've created a Cyber Workout Plan for 2023 to keep your business fit and ready to tackle any cyber security challenge!
Cyber Workout One: Password Management
Ensure any passwords you create and use are complex, random, and secure! 64% of individuals reuse passwords over multiple accounts, and in 2021, compromised credentials accounted for 20% of all data breaches!
- Enable multi-factor authentication to your company accounts and devices - adding an extra layer of security to the login process.
- Power up your security by switching your passwords to passphrases; this is a series of random words with no relation to one another.
- Introduce a password manager to store your credentials in a secure location - this helps prevent password fatigue.
Cyber Workout Two: Check for Software Updates
Keep your software up to date! During the winter break, your company devices may need a software update - enabling auto-updates to ensure your technologies have the latest security defences and resolve any potential bug issues.
- Install software updates as soon as they become available to fix exploitable bugs in your devices.
- Enable automatic updates for OS, applications, and firmware, where possible.
- Keep track of which versions of the software are installed on your devices so that you can promptly target security updates.
Cyber Workout Three: Update Your Cyber Incident Response Plan
When did you last test your Cyber Incident Response plan? Ensuring you have a solid and up-to-date Cyber Incident Response Plan can minimise the fallout in the event of an attack or breach. Hopefully, you won’t ever need to use it, but it is fundamental to implement!
- If you don’t have a response plan in place, look to implement one throughout your organisation covering data backups, a communications plan, and steps to recovery.
- Once you have your response plan implemented, test this every 6-12 months - this includes looking at how long your backups take to restore your data, what communication methods you use, and who has ownership of each action.
You can download the full Cyber Workout Plan here or visit our website to learn more.