In the United States, cyber security experts and other stakeholders observe October as the National Cyber Security Awareness Month (NCSAM). The 15-year-old practice is now attracting the attention of the cyber security ecosystem across the world.
Sophos, an Internet security solutions firm, feels that it's time the cyber security stakeholders need to spread the word around the risks involved in the cyber space. Quoting a survey the company conducted, Sophos said about 31 per cent organisations it surveyed in the country anticipated cyber attacks in the future.
“About 30 per cent of the IT managers think their organisation’s current defences are not sufficient to block cyber threats they have seen in the past year,” he said.
The sample size for the global survey was 2,700 IT decision makers.
“Organisations need to adopt a defence-in-depth cyber security strategy to better protect their environments. They should aim for inclusion of every employee in increasing cyber security,” he said.
Patch early, patch often
“Brand new vulnerabilities and exploits hog the limelight of security news. Because you could not have patched ahead, they’re known scarily as zero-days,” he said.
“People often put off patching either to save time or because they’re scared something might break. The problem is that the longer you leave it, the more time it will take when you get around to it,” he felt.
Proper passwords
Sophos says it’s important to make all new passwords different and hard to guess. “Criminals are now using tools that sniff out passwords reused on other sites to make their work easier,” it says.
Two-factor authentication
Organisations and individuals must consider having a two-factor authentication (which means two layered passwords to log in to your accounts.). It can keep tabs on cyber criminals who guess or buy passwords from the cyber underworld.
You need to build a checklist before allowing someone to remotely access your network. It's not just enough to trust the individual. It's also important to factor in the computer that the individual is working on.
A compromised computer at the other end could pose a threat to your network, and to your organisation.
Achilles Heel
“One weak point is all it takes to allow a hacker access to the system and cause damage. Organisations need to close down access points that are not being used,” he said.