Here’s hoping you’ve all had some quality rest over the holiday period and are returning to work feeling positive about business opportunities in 2023!
The signs are clear, it will be a challenging year for most. So, more than ever, it’s essential that we embrace technology and leverage it to shape the world we live in for the better. How we work, live, and play would not be what it is without the tech that powers the many intricate connections enriching our day-to-day lives.
Unfortunately, new tech means new cyber risks, which we all see being reported on a regular basis in the media. This risk-reward relationship is something many choose to ignore – or woefully underestimate – and as a result, expose themselves and their organisations to considerable unnecessary risk. This is often more severe for small and medium-sized businesses (SMBs) that don’t have the internal expertise or budgets to tackle these threats effectively.
COVID-19 has been a catalyst for immense change, resulting in new hybrid ways of working and accelerated adoption of digital technologies. It has also generated macro-global forces that continue to shape every aspect of our lives. This has led to cybercriminals finding innovative ways to exploit these changes and individuals’ fears.
At the start of this new year, let’s pause for thought and apply some pragmatic cyber security learnings as we plan for 2023. If you are facing record levels of disruption, rising threat levels and tighter security budgets, these are my top 3 tips to get you secured…
Master the basics
Often overlooked are the basic cybersecurity policies, processes and controls recommended in good practice. While not as exciting as the latest new security tool everyone is talking about, cybersecurity fundamentals done well deliver by far the best return on your investment. In addition, they establish a firm foundation upon which you can build your security management system and scale throughout your business using continuous improvement techniques. In the UK, I highly recommend the Cyber Essentials standard, which is a government-backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyberattacks. (www.ncsc.gov.uk/cyberessentials/overview)
Find a friend
As the African proverb wisely suggests “if you want to go fast, go alone; if you want to go far, go together.” Often, as security leaders, you are forced to try and balance the demands for speed and agility against the need for doing it right or quality. Very infrequently do both sets of needs align perfectly. In such cases, you need a trusted cybersecurity partner that you can lean on to leverage their resources, expertise and tools to your advantage. I am not suggesting a vendor, reseller or managed service provider, but rather an independent cybersecurity company that understands your business, the threats that it faces and has committed to a long-term roadmap of improvements that you will jointly invest in to drive a prioritised list of improvements.
Strengthen your last line of defence
And that is your staff. No tools, processes or policies provide 100% protection from all new and evolving threats. Therefore, it is essential to train and equip your staff to recognise and follow secure working practices, to pause and think about security considerations before clicking on that link and building a no-blame culture in which everyone feels confident in reporting suspicious behaviour.
There are numerous cybersecurity trends forecast for 2023. I don’t know exactly what challenges you’ll face as every organisation is different. I strongly suggest that you focus on what you can control to improve the application of security fundamentals in your business. Partner with a like-minded cybersecurity company to drive key improvements and train your staff to make good, risk-based decisions.
Mondas is the home planet of the Cybermen, according to Doctor Who fans. It’s also the name of our cybersecurity company, a group of passionate experts ranging from strategists, architects, engineers, risk, compliance, privacy and security operations specialists. We focus on helping SMBs design, implement and run highly effective cybersecurity solutions and services that are affordable and deliver long-term value.
Keen to know more? Get in touch here.
