Better ways to improve cyber security

The good guys are losing and the bad guys are winning, and the only place that the good guys win is in the movies. Have you ever wondered why that happens? Not why the bad guys lose in the movies, but why the good guys lose in real life.

Society is based on people doing the right thing for the benefit of that society. We have law enforcement to restore the status quo when someone breaks the laws of the society. What we are finding at present is that the communication medium that is the internet is totally lawless and hard to police.

The largest problem is that the good guys always have to play catch-up. It is like the old west movies: something happens – a bank gets robbed, cattle get stolen – then the good guys have to form a posse and light out into the distance so that they can catch the bad guys, sometimes without results.

This reactive process is how society has been living for hundreds or even thousands of years, and at present there is no change on the horizon. So what can we do to protect ourselves from the lawlessness of the Internet?

It is a tricky question, and the answer is that you have to start thinking like the bad guys. By thinking like the bad guys you start to put strategies and tactics in place that are designed to protect you from the real bad guys. To do this you need to look at a number of systems that will deliver the required protection.

Here are just a few!

Start with decent technology

  • Use a good firewall, VPN and wireless system
  • Use good operating systems
  • Use good applications
  • Protect yourself from spam, malware, spyware and worms
  • Use best practice where possible
  • Update everything when it comes out
  • Don’t go to or download from dubious sites; in most situations free is bad

Put good management practices in place

  • Use policies, procedures and processes to tighten up what people do in your business
  • Train your staff
  • Audit and monitor systems
  • Create a reporting environment

Get adaptable

  • Have a good backup and restore system
  • Have a business continuity and disaster recovery plan
  • Do a risk assessment
  • Build in resilience

Get externally audited, compliant and certified in the above areas. This will help make sure that you meet all of the compliance requirements.

These are just a few ideas when it comes to protecting your business from the bad guys. One final word: talk to an ethical hacker and get a penetration test done on your business. This will define how secure you really are.

The bad guys may still win, but if you use better protection than they are expecting they will probably move on to easier targets, and it is so much better if the bad guys rob another bank than yours, isn’t it?

Roger Smith is an educator, teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not-for-profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course, which are considered to be the definitive guides to helping SMEs protect their organisation using the principles of Technology, Management, Adaptability and Compliance.