Cybersecurity best practice for organisations

1. Think Confidentiality, Integrity and Availability

Within cybersecurity, "CIA" stands for Confidentiality, Integrity, and Availability. This is a security model developed to help people with the key principles of cybersecurity and data protection. I believe understanding and putting these key principles into practice is vital to achieving cybersecurity best practice.

• Confidentiality
  Who can access the data?
• Integrity
  Where is the data, and who can edit it?
• Availability
  When is the data accessible?

Confidentiality and integrity are well-known, but availability is often forgotten. These three aspects work hand in hand to keep your systems secure and user-friendly.

2. Understand the value of your data

All data has value. Some data may not seem particularly important right now, but this might be different for a hacker. Being proactive about cybersecurity means understanding the value of your data.

What makes data valuable? Consider the following:

• Resale/IP value
• The cost of reacquisition should the data be destroyed
• The cost to your reputation of any data loss or exposure
• The cost incurred due to business downtime

Costs of a data breach shouldn’t be underestimated; If your business lost personally identifiable data, you could face fines up to 4% of your annual turnover.

3. People: Your biggest vulnerability

Human error is a natural point of vulnerability in any organisation. To mitigate risks, encourage cybersecurity training for your staff and make sure appropriate policies are in place. This is particularly important for teams that are working remotely.

The most appropriate place to store this information is in your employee contracts - however, we understand that this might not be attainable short-term.

For a quick win, make sure to distribute a remote working policy and set up online training sessions if there are immediate cybersecurity challenges that need to be addressed. 

4. Protect your systems and websites

It's important to be ever-evolving in your approach to cybersecurity. After all, one thing hackers have that you don't is time. So, although being one step ahead is virtually impossible, you can be proactive about protecting your systems should a breach or attack occur. 

Having a Coding Standards policy, and a set of processes everyone follows is imperative to this. Followed up with good quality control, you have a solid set of processes to fall back on.

Pixl8 recognises that lockdown has resulted in hackers having more time on their hands. However, we see no evidence of any security or data breaches with our own sites - we're being proactive to ensure site code is as up to date and secure as possible. 

5. Approach remote working proactively

Remote working presents a whole new set of cybersecurity challenges. To ensure data remains secure whilst your staff work from home, put appropriate policies and place and communicate them across your team.

Consider that remote workers in different countries can pose a problem for companies handling sensitive data; there are legal implications once data leaves a geographic area. 

For video conferences or remote training, use passwords and waiting rooms to ensure only authorised users are allowed into your meetings or events.

Get in touch

If you are interested in how I can potentially help you, your teams and organisation, I’d love to hear from you.  

Want to learn more? I’m running a series of webinars on achieving cybersecurity best practice, full of practical tips, advice, and examples. Sign up here.