What's happening on your network?
Why making your staff cyber-aware is vital
Not knowing who or what is on your network could leave your organisation vulnerable to cyber-crime.
This was one of the issues discussed by panelists at the recent SC Congress 2018, who also concluded that training and personnel is an even bigger problem.
Speaking at the event, Ed Tucker, former head of cyber-security at HMRC and now CISO at DP Governance, said lack of understanding of the network environment was a major contributor to security breaches.
“How many people know exactly how many devices they have connected to their network? How many people understand what services and applications they have and whether they talk to each other, and what protocols they use?” he asked.
“We need to teach people to protect the corporate by protecting themselves. It's a big problem. The real skills gap is that people don't understand cyber-security.”
Investing in up-to-date technology to defend your business is critical, but employees remain the first line of defence, and educating them regularly about potential cyber-attacks is vital. A culture that encourages and supports employees in being open (and fast to act) when they have made a mistake is important.
The ‘H Factor' – the human element – is often the weakest link, making cyber-attacks and data breaches possible, sometimes even more so than hackers exploiting system vulnerabilities or employing new malware.
Get your staff trained. No matter what the size of your business, employees probably remain your first line of defence.
Amethyst is an established cyber security training provider offering specialist courses on technical risk assessment as well as more basic introductory level courses for non-specialists - no previous knowledge or experience of the subject is assumed.
Our one-day course, Cyber Security Awareness for HMG, provides an overview of cyber security and Information Assurance principles, including information risk management (impact, threat and vulnerability); sources of cyber security advice and the 10 steps to cyber security.