How to Improve Cyber Security Awareness

5. Protect Mobile Devices

Every organisation should have a Mobile Device Policy that covers mobile devices such as laptops, mobile phones and tablets. This includes both company-owned devices and Bring Your Own Devices (BYOD).
The crucial best practices for mobile security are:

  • Every mobile device should authenticate the user before allowing access, using a password, PIN, or biometric identification.
  • Operating System Updates should be installed without delay. It is good practice to have automatic software updates turned on.
  • Above all, Remote Lock and Data Wipe should be included in your Mobile Device Policy to ensure that you can protect lost data and devices, regardless of whether it is a company-owned device or a BYOD.
  • Do not allow mobile devices to use public wi-fi networks.
  • Back up mobile data. Consider an automated backup solution with version selection options.

For more information about mobile device management, see the Australian Cyber Security Centre’s Guidelines for Enterprise Mobility.

6. Apply Software Updates Promptly

There are lots of reasons why it is important to apply software updates. Here are the three most closely related to cyber security.
Software updates:

  • Repair security weaknesses and flaws in operating systems and application programs
  • Help protect your data by keeping hackers out
  • Minimise the likelihood that your device gets a virus and passes it along to co-workers and customers.

7. Use a Firewall

Firewalls monitor who is trying to connect to your network. More importantly, they filter and block unwanted traffic.
Without a firewall, you accept every attempt to connect to your network, including malicious attackers who could:

  • gain control over your computer or network
  • delete data
  • commit identity theft or financial fraud, and
  • shut down your network

8. Maintain Anti-Virus Software

Most importantly, you need both a firewall and anti-virus software.
To clarify, firewalls monitor “who” is attempting to connect. On the other hand, anti-virus software looks at “what” is being uploaded or transferred to your network or computer. Specifically, anti-virus software looks for threats and performs these key functions:

  • Detection: detects the infected file or program.
  • Identification: identifies the type of threat, for example, virus, worm, trojan, etc.
  • Removal: Anti-virus software typically quarantines, fixes, or completely removes an infected file.

That completes The Top 8 Things to Improve Cyber Security Awareness.

The 2 Extras to set your organisation apart

If you want to set your organisation apart, expand the list to the Top 10 and include the “2 Extras” below.

9. Conduct Spear Phishing Simulations

Phishing is the largest cyberthreat to businesses and consumers worldwide. Moreover, the number of recorded phishing attacks in Australia continues to grow exponentially.
[Figure: Phishing Attacks. Source: Australian Competition & Consumer Commission – SCAMWATCH]
The most common type of deceptive phishing occurs when fraudsters pose as a valid company and, as a consequence, deceive employees into giving out private data or login details. The attackers often create a sense of pressing need which results in the victim complying with their request.
People are more likely to spot phishing attempts when they have seen real-life examples and understand the tactics that cyber criminals use. Coaching employees with simulated phishing attacks is a large part of any organization’s security awareness program.


PHISHING SIMULATION PLATFORM

Phishing is the largest cyberthreat to businesses and consumers worldwide, and the number of recorded phishing attacks continues to grow exponentially. Due to the nature of phishing, your colleagues and employees have become the weak link in cybersecurity and are the last line of defence in protecting your organization.
NINJIO PHISH is natively integrated into our NINJIO DOJO platform and allows you to test and quantify human vulnerability safely and proactively by sending benign simulated phishing attacks to your team, tracking their actions, and reporting results.

Find out how easy and affordable it is to get started with NINJIO Cyber Security Awareness Training including Phishing Simulation.

10. Conduct Penetration Testing

A penetration test (pen test) is a simulated cyberattack that is carried out using a mix of manual and automated technologies. The process attempts to breach e-mail servers, web servers, web applications, wireless networks, network devices, mobile devices and other points of entry.
The objective of pen testing is to find flaws or gaps in systems before attackers do.
Openings may exist in multiple places including:

  • network configurations
  • operating systems
  • application software
  • server configurations
  • database configurations
  • end-user behaviour or
  • lack of adherence to security policies

The primary aim is to:

  • prioritise and implement effective security controls
  • assure regulatory compliance
  • improve cyber security awareness, and
  • increase the organization’s ability to identify and respond to security incidents as they occur.

WHY NINJIO

NINJIO cybersecurity awareness training uses highly engaging, 3 to 4-minute animated micro-learning videos. In effect, we teach organizations, employees, and families how not to get hacked. As a result, individuals and organisations become able to defend against cyberthreats. Ultimately, employees become the first line of defence against today’s sophisticated cybercriminals.
Some of the largest companies in the world have used NINJIO to change the behavior of hundreds of thousands of employees through engaging, emotionally-driven storytelling.
Our philosophy? No more boring, check-the-box security awareness lectures.
