Why Cybersecurity is Everybody’s Responsibility

Technological advancements have had a huge impact on business security. Advanced surveillance, access control and alarm systems protect against physical threats, and cybersecurity services defend networks against malicious remote attacks and data theft. 

 

But no matter how strong the security, the threat is always present, and businesses remain susceptible at all times. In fact, there is estimated to be one successful cyberattack every 14 seconds, so IT teams must remain constantly vigilant and aware of new threats as they develop. As 95% of cybersecurity incidents can be traced back to human error, businesses must also educate their people to take their responsibilities seriously, limit the opportunities for attack, and report data breaches as soon as they occur. 

 

Raising cybersecurity awareness 

During the last Cybersecurity Awareness Month, we asked our LinkedIn followers to take part in three polls to assess their cybersecurity concerns and challenges.  

 

The results were interesting. 

 

In our first poll, we wanted to find out what their biggest cybersecurity concern was. 

 

cybersecurity 1 poll 1

 

 

Over half of the respondents (56%) said a lack of employee awareness was their primary concern. Data breaches (22%) and ransomware threats (17%) accounted for just over a third of the answers (39%), and 6% of participants were concerned about threats from inside their organisation. 

 

Next up, we asked which cybersecurity trend they find most intriguing.  

 

cybersecurity 1 poll 2

 

Two-thirds (67%) of respondents said they were most intrigued by AI and machine learning. 17% of participants were interested in zero trust security, while just 8% were interested in Carpool Security and IoT Security.  

 

Finally, we asked what our audience’s biggest barrier to improving cybersecurity was. 

 

cybersecurity 1 poll 3

 

With a more even spread of answers (except for lack of skills), our followers had different views regarding the challenges they face in improving cybersecurity. 

 

Budget constraints and lack of awareness (38%) were the top answers, with complacency about attacks (25%) ranking third. 

 

The shared responsibility for cybersecurity 

Cybersecurity demands attention from everyone in your business, not just those with ‘cyber’ in their job titles (if your business is big enough to have those types of roles!).  

 

There are a number of things you can do to increase employee awareness of cybersecurity, overcome some of the challenges identified above, and be better prepared and protected against attacks. 

 

Updates to software and firmware: In an effort to protect their hardware, manufacturers continually ‘harden the panel’ by releasing security updates for their systems. Updates to firmware address vulnerabilities that attackers could exploit. Keeping computers, smartphones, routers, and IoT devices up-to-date makes it more difficult for systems to be accessed remotely, so companies need to be proactive about updating their equipment and software.  

 

Implementing strong passwords: Employees should be encouraged to use strong, complex passwords for their employee credentials. This can combine uppercase and lowercase letters, numbers, and special characters. Easily guessable information such as names, birthdays, or common words should be avoided, and governance should be put in place to ensure passwords always conform to high minimum standards. 

 

Use multi-factor authentication (MFA): Businesses can take employee credential security one step further by implementing multi-factor authentication. This should be used for sensitive accounts like email, banking, or cloud services. MFA typically involves something you know (password), something you have (a smartphone for authentication codes), and/or something you are (biometric verification, such as a fingerprint). Mobile credentials are increasingly common in access control systems and benefit from the built-in biometric protection standards of Google and Apple wallets. 

 

Secure internet connection: Ensuring your Wi-Fi has all the necessary security and firewalls provides a barrier against untrusted external threats. Firewalls will monitor and control incoming and outgoing network traffic, helping to block unauthorised access and potential cyber threats.  

 

Connect IoT devices to your secure Wi-Fi: Although only 8% of respondents in our poll were concerned about IoT security, figures show there were 1.51 billion attacks in 2022, highlighting vulnerabilities in IoT. Always connect IoT devices to a secure Wi-Fi network with strong encryption (such as WPA2 or WPA3). IoT devices often have default passwords, so make sure you change these to something stronger and continue to keep firmware updated to patch any known security flaws. 

 

Cyber Essentials and Cyber Essential Plus 

Cyber Essentials is a UK government-backed scheme that will help protect your organisation, whatever its size, against a whole range of the most common cyberattacks. 

 

There are two levels of certification: 

  • Cyber Essentials: This self-assessment certification gives you protection against common cyberattacks. The assessment is measured against five technical controls: firewalls, secure configuration, security update management, user access control, and malware protection. 
  • Cyber Essentials Plus: Cyber Essentials Plus encompasses everything in Cyber Essentials, with the addition of a hands-on technical verification. Businesses must complete the online Cyber Essentials assessment as part of the Cyber Essentials Plus certification. 

 

What about the future of cybersecurity? 

Cybersecurity is rapidly evolving, and not before time! As AI and advanced computing technologies develop, threats will become more frequent and sophisticated, which means cybersecurity tactics need to keep up. 

 

AI can also be utilised in defence by helping to detect unusual patterns or identify network vulnerabilities. AI models can process and analyse data much faster than humans, and predictive analytics may one day be able to pre-empt cyberattacks, reducing the average detection time from 49 days to mere moments. 

 

Collaborative efforts for a secure future 

As enterprise security integrators, Frontline Security Solutions only uses leading security manufacturers to help secure our customers’ most important assets. Our product-agnostic approach means we are not aligned with any particular manufacturer. Instead, we supply and install products that provide the best possible level of physical and cyber protection to meet our customers’ needs. 

 

Our partner organisations constantly review and tighten their cyber credentials with updates to software and firmware on their devices, and our excellent relationships with these organisations mean we can assist you with employee awareness and training. Together, we can provide cybersecurity best practices, give real-world examples, and ultimately make your business more secure. 

 

We also provide managed services so your systems are kept up-to-date and proactively protected against vulnerabilities without any additional resource requirements from your in-house team. 

  

By recognising cybersecurity as everyone’s responsibility, you can protect your business against the evolving threat landscape, ensuring a safer and more secure environment for all. 

 

Want to learn more and improve your business’ cybersecurity defences? Contact us now for a consultation at [email protected]

Back to News »

Related Articles

Enhancing data centre security with AI