Is your I.T. and cyber security ready to tackle any cross-fire from the conflict?
Prefer reading to listening? You can download the full episode transcript, here: http://traffic.libsyn.com/techcess/Techcess_NCSC_Cyber_Essentials_Guidance_Amid_Russia_Invasion.pdf
In light of the recent cyber-attacks waged against organisations in the UK and Ukraine, NCSC has released fresh guidance on Cyber Essentials.
Cyber Essentials is a government-backed scheme that provides businesses with a set of basic security measures to protect themselves against cyber-attacks.
The scheme is voluntary, but all businesses are encouraged to participate.
The NCSC has warned businesses that the Russia-Ukraine conflict is likely to lead to more cyber-attacks, and that they should prioritise their cyber security protocols above all other I.T. related matters at this time.
They have also released a list of practical things businesses can do to protect themselves.
Our hope is you’ll find the simplified narration useful, and that you’ll understand some of the immediate actions you need to be taking to ensure your business’s ‘Techcess‘.
What’s the updated guidance from NCSC?
The NCSC is urging all businesses to prioritise their cyber security protocols above all other I.T. matters for the time being.
So, in line with that, we wanted to offer you a number of practical tips on how to do this.
Check software updates and patches
Among other measures, checking your software patches and updates is vital right now.
Mark says, “It’s absolutely critical that web browsers are kept up to date just now as well as everything else. So basically turn on automatic updates everything and update things. Whenever you see a warning that there is a system update available, don’t just ignore it and delay it.”
As the NCSC has warned, the Russia-Ukraine conflict is likely to lead to more cyber-attacks. And as we all know, one of the best ways to protect yourself from a cyber-attack is by keeping your software patches up to date.
This is because software patches are updates to your software that fix security vulnerabilities and bugs.
Ensure your multi factor authentication is configured correctly
Another important measure is to ensure your multi factor authentication is properly configured.
Multi factor authentication (MFA) is a security process that requires more than one form of identification from the user in order to log in.
For example, you may have to enter your password and then confirm it with a code that is sent to your mobile phone.
MFA adds an extra layer of security, making it more difficult for cyber-attackers to gain access to your systems.
“As I’ve said time and time again, Cyber criminals and hackers go for low-hanging fruit because quite often they don’t know what they’re actually going to get”
– Mark Riddell
Have you confirmed your running up-to-date antivirus software?
Finally, NCSC also recommends that businesses ensure their antivirus software is current.
Antivirus software helps to protect your computers and devices from malware, which is malicious software that can damage or disable your devices.
It’s important to note that there are different types of antivirus software, so you’ll need to choose the right one for your business.
The NCSC’s ‘three random words’ advice
NCSC has advised that organisations should use a ‘three random words’ security protocol. This is a security measure that requires you to enter three random words in order to log in.
This is a more secure alternative to using passwords, as it’s more difficult for cyber-attackers to guess.
You can choose any three random words, and this article from the National Cyber Security Centre’s “Tips for staying secure online” guidance might give you an idea of how it works.
But obviously we advise you don’t use their exact suggestion for your own password.
We’ll also have more guidance on using a password manager in a near future episode of the “Techcess” technology podcast.
A list of cyber security measures Mark talks you through during this episode:
Here are those measures that Mark will elaborate on during the episode:
- Checking system patches
- Making use of better passwords
- Configuring your multi factor authentication
- Your antivirus and firewall effectiveness
- Your backup solutions – (there was a full episode about this, here)
- An up-to-date emergency incident response plan (not stored on a website somewhere!)
- Checking for third-party remote access to your systems (and removing any that don’t need to be there!)
- Getting cyber essentials certified – (here’s the past episode that Mark mentions)
Concerned by what you’ve learned in this episode and don’t know where to start? Book a free chat with Mark!
Here’s the link in case you’re reading this in something that’s disabled the links! – https://m3networks.co.uk/meetmark
Get more valuable technology insights from m3’s blog pages, here.
Mark Riddell‘s technology podcast “Techcess” is an m3 Networks production. Mark and the team have created this podcast to help you and their clients understand how technology can help them in their industry and business, including helping them with cyber security solutions. To find out more about Mark Riddell and the rest of the m3 team, visit them here and follow them on Linkedin.
If you want to get in touch about technology or cyber security, just address an email directly at Mark here. He’ll be very happy to hear from you.
Thanks for listening! If you enjoy this episode, make sure you follow the podcast via your favourite app.