October marks European Cybersecurity Month (ECSM) and National Cyber Security Awareness Month (NCSAM). It can serve as a valuable reminder for organisations to evaluate their position in relation to Cyber Security. This blog begins a series of key topics and takeaways we will be sharing during the month to focus our attention on the day to day awareness needed within our business, to enable users to work with security in mind and increase their resilience to threats.
This year has bought many challenges in the world of Cyber Security. We are still navigating a pandemic which has resulted in changing the way we work in order to deliver key messages and services to our teams and customers.
The topic of Cyber Security is so extensive you simply could not cover every topic in a month, but NCSAM gives us the opportunity to emphasise that security is a continual learning stream. It is an opportunity to review how your teams are engaged and it allows us to reinforce through educating the key topics that pose a threat and impact our businesses. The goal of raising awareness is to convert the learning into action and either reinforce or create lasting behaviour change.
Cost and budget constraints are a large factor in security implementation for any business. There are a number of steps we can take to protect our assets and intellectual property from attackers. Our employees are one of our biggest assets and are often labelled the weakest link. However, we should consider them to be the first line of defence. Take a moment to reflect on that and ask yourself “Are we educating them and providing training and guidance in a supportive environment designed to empower them?”
Security is not a default setting and in order to drive awareness and behavioural change we must engage executive management so that the information security strategy aligns with the business objectives. Once people understand the company security strategy and how they fit into that, the how, why and consequences of non-compliance will encourage engagement and mindful practices, which in turn will make security a more inclusive subject that everyone plays a part in, no matter what their role is in the business.
Watch out for our next blog on homeworking and securing your home environment.
How can Nexor help?
Nexor’s experienced cyber security consultants can work with your business to carry out a detailed risk assessment to determine what threats you need to defend against. Following this, we can design suitable risk mitigations for you to implement as well as assist you in gaining any certifications such as Cyber Essentials or ISO 27001 to help protect your business.
Author Bio – Dawn O'Connor
Dawn O’Connor is an associate of Nexor with an extensive business background across different market sectors including retail, local and central government and law enforcement. She is a member of the Chartered Institute of Information Security and co-chairs the Nottingham/Derby/Leicester Branch. Dawn holds the Certificate in Information Security Principles and the ISO 27001 Foundation certification.
Be the first to know about developments in secure information exchange