The Government recently announced that it’s set up a new body, the UK Cyber Security Council, to set professional standards and promote career opportunities for the cyber security industry.
Digital Infrastructure Minister, Matt Warman says:
“The fact we are launching an independent professional body for cyber security shows just how vital this area has become – it makes a huge contribution to our thriving digital economy by safeguarding our critical national infrastructure, commerce and other online spaces. The UK Cyber Security Council will ensure anyone interested in an exciting career tackling online threats has access to world-class training and guidance. It will also champion diversity and inclusion, driving up standards while helping the nation to build back better and safer.”
The UK Cyber Security Council has been set up following overwhelming support for a new body from a 2018 DCMS public consultation looking at the issues facing cyber security. The Council will support the Government’s mission to make the UK the safest place to live and work online, and will work closely with the National Cyber Security Centre (NCSC).
IT Backbone pride ourselves on providing robust and high quality cyber security testing, so we’ve put together our top 10 tips for how you can help keep your IT and organisation safe and secure.
Top 10 tips:
- Create, implement and maintain an IT cyber security service strategy. This can be a time consuming endeavour, but is key in ensuring that your security measures stay up to date. IT Backbone can integrate new managed cyber security technologies to increase your cyber security
- Don’t go for the cheapest pen tester. They often lack due diligence, and can work from a one size fits all approach, leaving you with a partially irrelevant and generic report
- Ensure your pen test project scope is well defined. One challenge with security testing is that you probably don’t know what flaws you may be susceptible to, so avoid making a closed list of security
- Don’t just engage a manual pen tester once a year, create automation to regularly scan for vulnerabilities
- Cyber security is a business risk, not just an IT risk. Keep the C-suite aware and up to date of the value and potential impact of lacking adequate security measures. Attackers can not only potentially access customer and employee details, intellectual property, but also they can carry over to physical exploits, such as door locks and phone systems
- Make all employees aware of the business risk of cyber and network security, and provide information for everyone to safeguard against attacks, no matter what their role in the company
- Use two factor authentication for email, and secure smartphones and tablets with a screen lock, which is password protected (don’t use easy to guess codes like 1234)
- Ensure that employees can’t download anything and everything – implement restrictions, so that only admins can install, if they are confident that the download is safe and necessary
- Only use your own computer and devices – you never know whether someone else’s might have malware or a keylogger installed
- Educate staff on social engineering, so they can remain alert to potential attacks which aren’t just online
IT Backbone can help you by carrying out thorough and extensive cyber and network security, so get in touch when you need our help!
