Wieland Alge, VP & GM EMEA at Barracuda Networks, on habitually patching your software
Keeping your systems up-to-date is integral to effective cybersecurity. Every part of the IT infrastructure should be habitually inspected for vulnerabilities and brought up-to-date using the latest patches from vendors. Last year, Edgescan discovered that 63 per cent of all security vulnerabilities could have been eradicated by simply applying security updates. Vendors regularly release security patches that can help reduce exposure to attacks like phishing emails and ransomware, so keeping everything from operating systems and applications such as browsers, plugins and desktop apps up-to-date is a straightforward and cost-effective (free!) way to boost security. Yes, we all find installing updates annoying, but software patching really is one of the best habits to significantly enhance security.
Thomas Fischer, threat researcher and security advocate at Digital Guardian, on ditching bad password practices
Using the same password on repeat on a number of devices is a dangerous habit for users to have. We hear about data breaches in the news all the time (talk about Groundhog Day!) and if a hacker gains access to compromised login details, they can attempt to hijack email accounts, steal more data and target the victims’ friends, family and place of work in advanced social engineering attacks. We all log into multiple different services every single day, but how many of those services do we actually have different passwords for? Most people have just one or two passwords they use on repeat and they’re usually easy for hackers to crack. Companies can help to stamp out bad password habits by educating their staff about what makes a good password (think passphrase, not password). Even if employees pledge to change just one or two of their passwords each day, they will be improving their personal security. Businesses should also put policies in place to ensure that employees can’t use the same password for their personal and professional accounts. They must also ensure that these policies are easy to understand and easy to remember.
Matt Bryars, co-founder and CEO of Aeriandi, on keeping your customers’ payment card data safe
Advances in security technology are making many payment channels safer than ever for consumers. However, they are also forcing professional fraudsters to concentrate on an ever-diminishing number of more vulnerable targets. One of these is the traditional contact centre, where the huge volume of Card Not Present (CNP) transactions being processed is making them an increasingly attractive target for criminal gangs. If you handle, store, process or transmit cardholder information, your business must protect that data in line with the Payment Card Industry Data Security Standard (PCI DSS). Businesses that are the subject of a security breach and found to be non-compliant could face a hefty fine. Ultimately, protecting your customers’ payment card data is an on-going cyber-security discipline that involves continuous assessment of your operations and addressing any vulnerabilities. It’s definitely not a one-time fix!