Over the weekend there has been much publicised and printed regarding the recent breach at TalkTalk but we’ll leave it to the ongoing investigation by the appropriate authorities to report on the facts in due course.
It has however raised calls by leading business organisations for urgent action to be taken to tackle cyber-crime with the Institute of Directors (IOD) claiming only “serious breaches” of crime make the headlines but attacks on British businesses “happen consistently”.
Little over 12 months ago the UK Government launched a cyber hygiene standard for businesses called Cyber Essentials, by implementing Five Key Controls it is claimed that around 80% of cyber-attacks could be prevented if businesses implemented controls covering:
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
Following TalkTalk’s statement that it would be prudent to change your TalkTalk password once their service is back up and running, and any other accounts that use the same password, Brian Lightowler, Managing Director of Cyber Essentials Accreditation Body, QG Management Standards explains, “There is a misconception that this is just residential issue, business leaders must realise that these ‘other accounts’ also include business accounts”.
Therefore there are two controls that businesses should implement on Monday morning;
- employees should be instructed to change their passwords on any business accounts, or personal accounts for that matter, ensuring that they have strong passwords, are not duplicated in any other account or shared and
- employees should be made aware of phishing attacks and not to open files that they aren’t sure about or expecting.
In the medium term, Mr Lightowler advises that businesses implement all five control areas detailed in the Cyber Essentials scheme in order to reduce the impact of any future cyber-attack.
To date over 1000 businesses have achieved the standard and on a recent trip to the USA Prime Minister David Cameron said “We need to make sure the UK remains one of the most cyber secure places in the world to do business. It’s great news that even more companies have signed up to our Cyber Essentials Scheme to keep themselves safe and we will continue to invest in supporting companies of all sizes with their cyber security”.
QG Management Standards have created a network of Certification Bodies and Accreditation Practitioners and claims to have a practitioner within 70 miles of every major city in the UK.
If you are concerned about your companies security, or would like more information about Cyber Essentials please feel free to drop me a message on LinkindIN or you can call 01925 838386