Since we were young, we have been taught “good hygiene”: showering, brushing and flossing, taking out the garbage, you name it. Maintaining good hygiene means having the tools we need to be successful (the toothbrush), accurately executing our hygienic duties (circular motions vs. back-and-forth), and establishing a manageable routine (morning, noon, and night). Good cyber hygiene is no different. It comes from time and energy spent analyzing risk within an organization and implementing cyber security best practices.
IDENTIFY & PRIORITIZE
- Defining Risk
What is “risk”? Carnegie Mellon University’s Insider Threat Blog defines risk as “the probability and severity of a decision’s outcome as it relates to the ability of the organization to conduct business profitably”.
- Determine Greatest Risks
Risk is not something we can eliminate entirely, but we can analyse and scale risk, which allows us to focus on the “greatest risks” we have determined and put the most resources into them.
ESTABLISH A PLAN & IMPLEMENT
- Good Cyber Hygiene = Everyone’s Responsibility
Risk runs from top to bottom in an organization, regardless of rank, so it is imperative that everyone is involved and proactive in establishing where the greatest risks lie.
- Minimize Human Error
Providing two-factor authentication sign-ins, requiring complex passwords, restricting employee administrative access, and training employees to build their security knowledge are all steps an organization can take to mitigate risk. Check out some good Cyber Hygiene habits here.
Stay Savvy, my friends.