Humans are always the weakest link when it comes to cyber security

I thought, being Friday, I might take a bit of a light-hearted approach to highlighting one of my favourite topics: the human risk of cyber security.

I'll let the video speak for itself. I've shared this before, but it's worth another share. Now, this is an ad for Cisco Cloud Lock, which I'm not affiliated with, but their ads are clever, relevant, and relatable.

Whilst it highlights real-life risks, it does miss the mark, giving you the impression that their service is the silver bullet that will protect us silly humans from ourselves and the business.

This simply isn't true. Nothing will protect you or your business 100% from data breaches or cybercrime.

There is no silver bullet when it comes to Cybersecurity.

Contrary to popular belief, and security vendors with ads like these don't help the matter, Cybersecurity is not just an IT problem. IT is not your only line of defence. A successful cyber security strategy has to be owned and driven from within an organisation. It needs to be a "done with" you, not a "done for" you approach.

Cyber security is everyone's responsibility, and if your organisation isn't focusing on the human factor with regular education of your team and security awareness training, you are exposing yourself to massive risk.

Just start with one thing.

Here are some simple action items for you:

1. Check whether you’ve been involved in a breach at Have I Been Pwned.

2. If you have been breached, get a good password manager to randomise and store your passwords. You shouldn't be creating your own passwords. And contrary to popular belief, changing your passwords regularly is not recommended, unless you know if it was involved in a breach. Good password managers like LastPass keep an eye out for any breaches you might be involved in. And think of all the headspace you'll free up by not having to remember passwords!

3. Turn on MFA for all your cloud accounts or apps. If you don’t know how simply Google “Turn on MFA for <insert cloud app here>”

4. Secure your devices. If you’re using a personal device for work, which you shouldn't, then something as simple as creating a separate login that doesn’t have admin rights on the computer you’re accessing work information on.

5. Update your apps! Many updates address security risks or flaws. Yes, they can be annoying, but why put yourself and your business at unnecessary risk!

And finally, because it's topical if you are or were a Medibank or AHM customer, the Australian government has released a fact sheet on what you should do next. https://www.homeaffairs.gov.au/news-media/archive/article?itemId=961

What simple change can you make today, that will improve your cyber security?