As the only Cyber Essentials and Cyber Essentials Plus Certification body located in the Devon and Cornwall area, we have an important message about cyber security to share will all business owners from our Accreditaion Body, QG Management Standards.
What should business owners do on Monday morning?
Over the weekend there has been much publicised and printed regarding the recent cyber security breach at TalkTalk but we’ll leave it to the ongoing investigation by the appropriate authorities to report on the facts in due course.
It has however raised calls by leading business organisations for urgent action to be taken to boost cyber security and tackle cyber-crime with the Institute of Directors (IOD) claiming only “serious breaches” of crime make the headlines but attacks on British businesses “happen consistently”.
Little over 12 months ago the UK Government launched a cyber hygiene standard for businesses called Cyber Essentials, by implementing Five Key Controls it is claimed that around 80% of cyber-attacks could be prevented if businesses implemented controls covering:
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
Following TalkTalk’s statement that it would be prudent to change your TalkTalk password once their service is back up and running, and any other accounts that use the same password, Brian Lightowler, Managing Director of Cyber Essentials Accreditation Body, QG Management Standards explains, “There is a misconception that this is just residential issue, business leaders must realise that these ‘other accounts’ also include business accounts”.
Therefore there are two controls that businesses should implement on Monday morning;
- Employees should be instructed to change their passwords on any business accounts, or personal accounts for that matter, ensuring that they have strong passwords, are not duplicated in any other account or shared and
- Employees should be made aware of phishing attacks and not to open files that they aren’t sure about or expecting.
In the medium term, Mr Lightowler advises that businesses implement all five control areas detailed in the Cyber Essentials scheme in order to reduce the impact of any future cyber-attack.
QG Management Standards have created a network of Certification Bodies and Accreditation Practitioners and claims to have a practitioner within 70 miles of every major city in the UK.
Cyber Essentials Certification Body Securious based in Devon are able to advise on the most appropriate way for businesses to gain the nationally recognise certification.
For Further Information
Contact Brian Lightowler QG Management Standards on 01228 631681, [email protected]
Pete Woodward, CEO, Securious
It is so important that this message gets across to business owners, that the cyber threat is NOT the IT department’s problem. Business owners need to wake up to their responsibilities and start getting serious about protecting their customer’s data, because without customers, you have no business.
Ignorance to these common threats are beginning to bite, and it is old school thinking “it will never happen to me” that needs to change.
For further information and cyber security advice for your business or organisation, please get in touch on 01837 871247.
Further information and reading: