For week one of Cybersecurity Awareness Month, the theme is to ‘Be Cyber Smart’ and in particular, keep a very close eye on cyber hygiene. This means looking after a whole list of common but vital security tasks focused on keeping systems healthy and safe from attack. From using multi-factor authentication and strong passwords to applying the latest software patches and backing up vital data, these are all smart uses of time and resources.
As our CEO Danny Lopez explained recently, “Hygiene is a regular part of our daily routines. We brush our teeth, take showers, and participate in other practices to maintain health and prevent disease. When it comes to cybersecurity, it’s important to use the same approach. This is more than good housekeeping – the consequences of poor cyber hygiene can be far-reaching and have played a central role in the most widespread and damaging breaches in history.”
The challenge for many is finding an approach where cyber hygiene is embedded in the wider security strategy. A great way to think about it is to borrow from the familiar ‘SMART’ goal-setting acronym for a process to cyber hygiene that is: Specific, Measurable, Achievable, Realistic and Timely. Specifically:
- Specific – focus on a core group of hygiene goals and priorities. The CyberSecurity Forum is one of many places that offers useful starting points and guidance.
- Measurable – put a system in place that allows users to keep track of their cyber hygiene efforts, particularly where there might be gaps in protection.
- Achievable – ensure everyone understands how to address the cyber hygiene tasks that apply to them.
- Realistic – for those organizations that don’t currently focus on cyber hygiene, it’s a good idea to prioritize incremental improvements rather than a ‘big bang’ approach that might leave some people behind.
- Timely – cyber hygiene is a continuous process, not a one-off tick box, so ensure users revisit it on a regular basis.
We think ‘T’ should also stand for ‘Technology’. As our Chief Product Officer Paul Farrington said recently, “Organizations need to accept that minds can be hacked. Many of the attributes that make us unique, such as curiosity, or our ability to trust or even willingness to embrace routine, can mean that we are perfect participants in a game that is overwhelmingly stacked against us.”
As a result, organizations need to remove threats from the equation before users are put in the position of having to make an unwise choice. For example, most people are likely to open an attachment or click a web link that appears to come from their CEO, when in reality it may have been created by a cybercriminal to hide malicious content.
That’s why organizations are adopting Glasswall Content Disarm and Reconstruction (CDR) technology to proactively and instantly remove potential file-based threats, so organizations can trust every file. Our CDR technology instantly cleans and rebuilds files to match its known good industry spec – automatically removing potential threats. This simple approach ensures every document entering your organization is safe, without sacrificing productivity.
To read more about Glasswall CDR solutions, click here