RSM’s recent cyber defence seminar highlighted the chilling reality of organisational exposure to a multitude of cyberattacks that are growing in sophistication as businesses embrace technology and digital connectivity.
Held on August 1, ‘Cyber Defence Essentials for End Users’ was led by Anthony Lee, Director of Digital Forensics & Investigation from our Corporate Advisory division. The session examined the diverse nature of cyberattacks, preventive measures, and the legal aspect of cybersecurity.
Anthony noted that cyber hygiene — an individual user’s discipline and behaviour to ensure online security — is each person’s responsibility, not that of the organisation.
However, he added that poor cyber hygiene will negatively affect an organisation’s cybersecurity, presenting a risk of non-compliance with relevant laws should a security breach occur. Strong cybersecurity policies and procedures are therefore essential to improve cyber hygiene.
Companies should also have a proper crisis management system to promptly and effectively deal with a cyberattack. This covers areas such as customer service, public relations, the appointment of security incident response managers/officers, legal advice, and escalation procedures.
Understanding the diversity of cyberattacks is crucial to mitigate the risk of security incidents. Some of these include passive, active, phishing and spoof attacks as well as rogue software.
Preventive measures vary depending on the nature of the potential cyberattack. For example, a suspicious email may be one claiming to be from an individual’s bank but requesting information through his company’s email account. A strange incoming email address, such as one ending with ‘@mail.com’, would also be suspicious. Users should always call the relevant senders to verify the authenticity of such emails.
The session also stressed the need for users to refrain from uploading confidential information on the cloud as they have no control over where data is stored there. When using free Wi-Fi in public areas, users should not access their email or social media accounts and avoid internet banking or online purchases as part of good cyber hygiene.
Register for the next ‘Cyber Defence Essentials for End Users’ session on 11 January 2018 here.