South West Cyber Crime Unit.
For those who have not encountered us, we are the South West Regional Cyber Crime Unit, a section of the police responsible for tackling cyber dependent crimes and their impact upon businesses, groups, charities and some key critical national infrastructure organisations based in the South West.
Examples of such crimes include network intrusion, ransomware and denial of service attacks. We also have a dedicated advice unit who offer free and impartial cyber security guidance to organisations across the South West.
October is officially European Cyber Security Month, so in the spirit of this global initiative, we’ve highlighted 5 simple things you can do to enhance your cyber security:
#1 Backups! Backing up your important data is one of the easiest ways to give your business a good chance of recovery following a cyber attack. Firstly, you need to identify your essential data, information that you couldn't function without. This could be documents, emails, Intellectual Property, invoices or calendars. Then, back up this data to separate devices which are NOT connected to your internal network so that they aren't at risk of infection by malware/ransomware. It's usually a good idea to store copies of backups both on-site for accessibility, but also keep copies off-site in case of environmental incidents such as floods or fires. Consider using USB devices, a separate drive, or backing up to the cloud - the majority of network or cloud storage solutions now allow you to make backups automatically!
#2 Antivirus Install Antivirus on ALL of your computers, laptops and other devices. Unfortunately, we can’t recommend any specific software, so make sure to do some online research around the main name brand providers. Antivirus is also often included for free within popular operating systems. Most importantly, once installed, ensure that the software is constantly updated. Antivirus typically works by checking files against databases of known malicious code, so it's vital that the database of your software is regularly updated, or else it simply won't be as effective against the latest threats. Which leads nicely on to...
#3 Updates Updates fix known vulnerabilities in software. If you don’t allow these updates to happen, then you increase the risk of malicious software exploiting these vulnerabilities to infect your devices. It might be inconvenient, but it’s incredibly important that you make sure these updates happen.
#4 Train your staff to spot the signs of Phishing Phishing emails are one of the leading delivering methods of cyber attacks. You need to make sure that your staff can recognise the tell-tale signs of phishing, and that they know how to report them both internally to IT staff, and externally (via ActionFraud). Training needs to be regular and mandatory for all employees. The National Cyber Security Centre (NCSC) have an in-depth guide entitled 'Phishing Attacks: Defending your Organisation'. We highly recommend employing the advice outlined there.
#5 Passwords! Unbelievable though it may seem, weak passwords are still responsible for an alarming number of cyber crimes. Please make sure that you are following the advice below: - ALL of your passwords should be strong (e.g. use ThreeRandomWords, misspell words, add numbers/symbols/capitals). - Use different passwords for all of your separate accounts - Do not share your passwords with anyone else - Use two factor authentication for any of your accounts which have the option to do so - Change all default passwords on accounts/devices - (For IT managers/administrators) Do not enforce regular password changes. Passwords only really need to be changed when you suspect a compromise of the login credentials - Password managers can be a suitable tool to use. If you are using them, then make sure that the master password is exceptionally strong (see tips above)
For more cyber security advice, guidance and resources, make sure to follow our social media channels, and sign up for our regular e-newsletters which cover the current threats we are seeing and how to defend against them. (Contact us via email, or visit our website to sign up to these newsletters).
- Log in to post comments