The risk from cyber is ever-changing, make sure your policy and strategy is robust to counter it.
Develop a cyber resilience policy
They are your first line of defence so make sure they know how to recognise and respond to cyber threats, particularly from phishing attempts.
Train your people
Know your actions to take in the event of an incident and who from a governance position has responsibility to manage that response.
Develop a ‘go-to’ cyber incident response policy
Not just of the organisation itself, but across your suppliers as well, to make sure security measures are implemented.
Conduct regular cyber resilience assessments
Reduce access to only those who have a requirement to help limit the impact if credentials are compromised. Back up your data regularly and in a secure location in the event of a major incident - this will be essential.
Limit access to sensitive data and important systems
Internal and External Vulnerability Assessments can be cost-effective ways to get an external view of weaknesses that a cybercriminal could also easily see and exploit.
Test your systems - use tools to find weaknesses to rectify those issues.
Security patches should be tested and deployed as soon
as possible.
Regularly update software and systems
Limit the impact of a serious breach if a user’s credentials are compromised.
Use multi-factor authentication (MFA) on user accounts
