Five Tips to Minimise Your Cyber Risk Exposures

1. Patch Operating Systems

Sounds obvious but maintaining up-to-date operating systems and installing the patches does help. Using automated software can assist managing the patch cycle, but a regimented process certainly helps maintain operating system integrity.

2. Have An Incident Response Plan (IRP)

An organisation with a clear, concise and tested IRP will be able take fast action to contain a breach and minimise the financial damage to an organisation. They are more likely to have a better response to legal requirements and potential costly fines.

3. Appoint A Chief Security Information Office (CISO)

Network and Data Security is an enterprise wide risk and not a risk that can be managed within the silo of the IT department. A CISO (or equivalent) should be responsible for data protection and have centralised responsibility for data management.

The CISO should lead and coordinate an enterprise’s response (General Counsel, Risk Management, PR/Marketing, Executive Management) to a cyber-attack. This person should be listed in the IRP.

4. Encrypt Data

With technologically empowered employees all accessing the network via a raft of mobile devices (smart phones, tablets etc.), a data/privacy breach can occur from simply losing a mobile device. Ensuring the devices are encrypted means that even if a device is lost or stolen, the data cannot be used which will mitigate the potential exposure.

5. Have A Network Security Policy

A current and enforced network security policy should outline the organisational rules for appropriate use of an organisation’s computer resources, including enforcement procedures.

The policy among other things should discuss strong password protocols, website access and usage restrictions, as well as appropriate email usage.