Jared Thompson
Dec 22, 20206 min
Updated: Jul 13, 2023
With 2020 now behind us, just what do the next twelve months have in store for businesses in Greater Manchester? How can business owners, directors and employees continue to improve their security in 2021? What can we do to prepare us for life post-lockdown in 2021?
We put these questions to our friends and colleagues across Greater Manchester.
Cyber Essentials
Cyber Essentials and cyber awareness for staff!
Marketing Manager at Linten Technologies, Stephanie Lynch-Ozanar
There is no one size fits all safety blanket
There is no one size fits all safety blanket when mitigating the cyber threat, but the first step businesses should do to improve their cybersecurity is to appoint someone to be responsible for cybersecurity who is supported by the board/business owners.
Chief Information Security Officer of Irwin Mitchell, Graham Thomson - Founding Partner of NWCRC
Businesses need to Educate themselves more
There are still a lot of companies that view cybersecurity as an added cost and this needs to change. As a breach could not only cause large fines, reputational damage, and the risk of their business closing as they may not be able to recover from the breach. Businesses need to be aware of cybersecurity and understand the right processes they need to have in place for their organisation, and this starts with education.
Cyber Security Consultant at Cyfor, Raj Kundalia
First Line of Defence
At The Co-operative Bank, we think it’s important that businesses support their employees in understanding more about cybersecurity as colleagues are a critical line of defence in protecting any organisation. Given this, we have created a number of educational resources for businesses to help improve user awareness.
Chief Information Security Officer - The Co-operative Bank, Chris Gray
Cyber Essentials
Get certified in Cyber Essentials, it really can expose your weaknesses before the cyber criminals find them.
Director of Jovasi Technology, Huw Vaughan Jones
Start with a Vulnerability Scan
If they've never done anything with cybersecurity before, start with a pen test or a vulnerability scan. Best way to shine a light on what the priorities are.
Head of Customer Security at TalkTalk, Mark Johnson - Cyber Expert Group Member
Cyber Resilience should be a standing agenda item
Companies should have Cyber Resilience as a standing agenda item for Board and management meetings, with an agreed objective to address one progress point minimum each meeting.
Director of Programmes at BRIM, Joanna Goddard
Implement Cyber Essentials controls
Businesses of any size need to find out about the Cyber Essentials controls and implement as many as they can. These simple controls have been shown to prevent as much as 90% of all cyber attacks. There is plenty of support and advice available online from the NCSC and IASME, as well as the Regional Cyber Resilience Centres.
Chief Operations Officer at the IASME Consortium, Chris Pinder
Focus on the basics
Focus on the basics – patching – this remains one of the most common attack vectors that threat actors use, and for most organisations investment would be minimal.
Cyber Security Compliance Consultant of CyberSecuritiesUK, Rory Breen
Have I Been Pwned
Everyone should go to the free online service Have I Been Pwned (HIBP) and check their email addresses there - it will give you an idea of what is leaked/traded on the Internet amongst hackers and cybercriminals.
Group Information Security Officer of Barbican Insurance Group, James McKinlay
Read the News
Keep up to date on the high-profile cyber-attacks reported on mainstream news and understand how they can help protect their organisation – employees are often the first line of defence against cyber threats.
Chief Information Security Officer - The Co-operative Bank, Chris Gray
NCSC Training
Look at the NCSC free cyber training - It's very good.
Head of Customer Security at TalkTalk, Mark Johnson - Cyber Expert Group Member
Phishing
Learn the basics about phishing and the use of secure passwords.
Director of Jovasi Technology, Huw Vaughan Jones
Increased awareness of the basics
Increased awareness of basic security threats, in particular, phishing training and regular simulations with reinforced training for staff who click on links.
Cyber Security Compliance Consultant of CyberSecuritiesUK, Rory Breen
Research and understand companies' policies
Employees should seek to educate themselves on how to best protect themselves. Research and understand companies' policies, how to report, what to look out for and how to make their colleagues aware of phishing emails.
Cyber Security Consultant at Cyfor, Raj Kundalia
Regular Training
Staff should ask their employer to put security policies in place and give them regular training to keep them aware of the latest trends.
Marketing Manager at Linten Technologies, Stephanie Lynch-Ozanar
NCSC Training
To improve their knowledge of cyber resilience, employees should take NCSC's new free online cybersecurity training for staff.
Director of Programmes at BRIM, Joanna Goddard + Chief Information Security Officer of Irwin Mitchell, Graham Thomson
Be suspicious
Be suspicious, most cyberattacks start with a phishing email. Make sure that from day one, every employee in your business is alert to these increasingly convincing emails and phone calls.
Chief Operations Officer at the IASME Consortium, Chris Pinder
Appreciate the Good Things
I think the biggest lesson we have all learnt in 2020 is that we can be just as happy and satisfied with a simpler, less chaotic lifestyle and that we should appreciate the good things a lot more. We can all be productive working at home more, which reduces the pressure on daily commuting habits.
Chief Information Security Officer of Irwin Mitchell, Graham Thomson
Ransomware Attributed to Patient Deaths
This year we saw Ransomware in hospitals attributed to patient deaths the consequences of getting involved with this type of malware have moved to the next level, anyone thinking that ransomware-deploying gangs would leave hospitals and charities alone is very mistaken, Ransomware is extortion, itis not going away, indeed it is a growth area for cybercrime.
Group Information Security Officer of Barbican Insurance Group, James McKinlay
Mental Health in Lockdown
For me it’s been mental health trying to keep the vulnerable around me sane, it has been a difficult year due to the restrictions and not being able to see my family.
Cyber Security Consultant at Cyfor, Raj Kundalia
Collaboration is better than before!
We can collaborate virtually much better than before. It will be great to see people again (of course) but it will also be great to not spend 4 hours a day in the car commuting for no good reason.
Head of Customer Security at TalkTalk, Mark Johnson
Reliance on Remote Communications
We have learnt more about our reliance on remote communications, backup planning is now a focal point for many where it wasn’t before. Backup plans, crisis management plans and continuity plans have to be a constant agenda point to ensure business resilience.
Director of Programmes at BRIM, Joanna Goddard
Flexible Working is a good thing
We should all look to get IT solutions in place and invest in our business security and having a workforce that embraces flexible working is a good thing.
Marketing Manager at Linten Technologies, Stephanie Lynch-Ozanar
Staff Working from Home
To ensure we have robust and up-to-date business plans, in particular around Home Working.
Cyber Security Compliance Consultant of CyberSecuritiesUK, Rory Breen
Flexible Working Environments
Many organisations have managed to operate very effectively with their staff working at home and their services being available exclusively online. This has accelerated the need for improved cybersecurity to address the challenges of remote access to the company network and work devices or BYOD being used in a home environment. Flexibility regarding the working environment and working hours is something we do not anticipate disappearing.
Chief Operations Officer at the IASME Consortium, Chris Pinder
We were unprepared for the Pandemic
One of the biggest lessons many of us have learnt is how unprepared we were for the pandemic. Having helped customers develop business continuity plans that covered almost every eventuality, sometimes even the best prepared found it difficult to survive. Whilst some have adapted, others have thrived in the hardest of times, but there is a lesson for us all going forward that a bit of forward-thinking and preparation can be beneficial for us all.
Director of Jovasi Technology, Huw Vaughan Jones
The quickest and easiest way you can improve your Cyber Security knowledge in 2021 is to sign up for our FREE membership.
We'll work with you to strengthen your knowledge and resilience to online crime and cyber attacks.