Becoming Web Safe – SWCSC event hosted by The University of Exeter
A Cyber Resilience Seminar hosted by South West Cyber Security Cluster (SWCSC) and University of Exeter.
Many thanks for University of Exeter for hosting a great event last night.
Devon and Cornwall Police gave us an update on the regional cyber crime threats to businesses, along with a useful insight to some common threats currently in circulation.
Securious presented a walk through on how hackers can get into your websites, and escalate system level access, along with enumeration of your site.
This was followed by a presentation from Kate Doodson Cosmic.
As well as explaining some of the common threat vectors from web attackers, Kate provided solutions on how best to protect your website from these sort of threats, and provided some simple questions to ask your web developer when they built your on-line presence.
There is no better time than now, to look at your security posture, whether you are a micro business or large multinational company, the cyber threat can, and will affect you in some way. It could be a ransomware attack, virus or malware infection, denial of service attack, and not forgetting the human threat, be it an ex-employee or an untrained member of staff.
Take some simple steps now….
- Protect your perimeter to limit attackers gaining access to your sensitive internal network. This is often achieved with the use of a firewall and applying strict access controls;
- Malware protection – Scan for malware across your organisation and protect all host and client machines with solutions that will actively scan for and remove malware;
- Antivirus – Install resilient antivirus, scan regularly and keep the antivirus definition files up to date;
- Access controls – limit your users to only having privileges necessary to complete their day to day tasks;
- Educate your employees on how to detect the common threats – phishing emails, bogus web links, and social engineering;
- Most importantly, have a plan of action should the worst happen. Make a list of key contacts to include, hosting company, internet service provider, technical support, along with a disaster recovery plan, that you test regularly.