Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses – Why are the fundamentals of digital security constantly letting us down
[Start of transcript]
Hello. My name is Roger.
And today I’d like to talk to you about why the fundamentals of digital security seem to let us down all the time.
So, what are the fundamentals? Well, let’s start off with patching. We’ve all seen it: Microsoft regularly comes up and says it’s got 45 updates to apply, please apply now. Apple does it, iPads do it, Android does it. Everybody who is creating software, who actually knows what they’re doing, has a patching process because the bad guys find out how to get round some of the complexity of the application and the application designers need to fix those ways around.
The second fundamental is passwords. Passwords are really, really complex. They have to be complex across the whole business structure. But they also have to be unique. For every password that goes into the system, you need a unique password. They also have to be a certain length. Eight characters is the minimum. If you’ve got anything under five, you need to change it now.
What are the fundamentals of it? Well, the digital world relies on as you’re using it in real-time. What happens when it breaks? When it breaks, it’s really important that you have a copy of what is happening.
You can have two types of copies: one is a real-time copy, so when something is being copied in real time to another location, or you can have historical backups. Historical backups are something that was done three months ago or backups that were done six months ago. So, in today’s world, if I look for a file that was deleted three months ago, I have a way of getting it back.
The other fundamentals are: we need an antivirus and we need a firewall, because they are part of your protection strategy; they make you more secure in the digital world. And then, there are two of mine. Fundamentals are: get paranoid. Because in the digital world, you’re one click away from being attacked. So you have to make sure that you’re not giving yourself the opportunity to be attacked.
And the other one is use common sense. Common sense to us means that you think before you act and you don’t do anything stupid in the digital world. Because the moment you do something stupid in the digital world, then you have a really good chance of being a victim of cybercrime.
So, why are the fundamentals important? Well, if you get the fundamentals right, then all of the other components of the business and digital security actually start fitting into it really well. Because, yes, we have technology, but we need to patch it. We need to make sure the passwords are correct. We need to back it up if it’s got a conflict. We need to make sure the firewalls are in place.
But, what about management? Okay, we have a management component to protect ourselves. And that management component says what do we do the patch work? Patch it. When we do the passwords. How often do we back up? Now, our adaptability, changing the culture of the organizations. And these are all important facets of being secure in the digital world.
Thank you and if you have any questions, please contact us.
[End of transcript]