Business leaders must not see cyber crime as “just a technical issue” that can be left up to IT departments, a spy chief has warned in the wake of the Royal Mail ransomware attack.
Lindy Cameron, chief executive of the National Cyber Security Centre – a division of GCHQ, in an article in the UK Telegraph newspaper, said company bosses could not rely on the Government alone to protect them from major cyber incidents and had to step up their measures.
She is calling on boards to be more cyber aware and move beyond cybersecurity just being a “technical issue” and left to the IT department to manage.
As we saw with the recent Royal Mail ransomware attack, it can take down a whole company’s ability to provide basic services.
She also points out that board members need to develop a basic understanding of cyber security, which can help when seeking assurances from IT teams about an organisation’s resilience.
Just as board members need to have a certain level of understanding of finance to assess financial health, they should develop the same skills in cyber security.
In each of my talks, I deliver a public service announcement with actionable advice on how to practice good digital hygiene, such as:
• Turn ON 2-factor authentication on all websites that offer it – a good directory of those that support 2FA is at https://2fa.directory
• Deploy a Password Manager such as 1Password to start to move away from the dependency of remembering passwords
• Visit https://haveibeenpwned.com to see if your email/password/cellphone number has been included in a breach – this site has over 12 billion accounts that have been compromised.
Are you doing these things? If not, then why not set aside an hour this week to look into it – start with this article here.