What Is Cyber Hygiene & Why Is It Important?

Uploaded on 2023-11-23 in TECHNOLOGY--Resilience, FREE TO VIEW

By 2025, Cybercrime is set to cost $10.3 trillion worldwide. It is a growing, multi-pronged threat that excels at evading detection and if left unchecked it can pose major systemic risks to critical infrastructure. 

This is significant as an organisation’s customers, partners, and other third parties depend on them having good cyber habits to stay ahead of threats and vulnerabilities that could take potentially down an IT network. 

I like to give the example of driving a car – every car needs to be maintained in good working order (checking the tyres, putting in the right fuel, keeping it insured, etc.) - and an organisation’s cybersecurity is exactly the same: this is called ‘cyber hygiene. Unfortunately, too many organisations are still failing to practice good cyber hygiene.

This leaves their networks wide open to attacks and risks is only financial damage, but reputational, with the risk that it could destroy customer trust.

Therefore, it is important to know where your network vulnerabilities are, the vulnerabilities of your third parties and suppliers they engage with, so your entire supply chain is as secure as it can be. 

Increasing Cybersecurity Resilience

An organisation might think they’ve protected themselves, but can they confidently say the same about the third parties they deal with, and then the third parties that those businesses deal with, i.e. the fourth party vendors. 
If we return to our car analogy, imagine you’re driving along a road and the traffic is flowing smoothly, until there is a collision up ahead or on a neighbouring street and the road is closed. The ripple effect of this is disruption to the surrounding network and you find yourself brought to a halt through no fault of your own. The reason for this is because the road network is interconnected, and it’s no different to digital networks.

A high-profile example of this in the digital space was a recent hack into a third-party vendor that caused multi-day outages to their client’s internal systems. It resulted in financial losses of nearly $9 million per day, a sizable drop in the company’s stock price and a vital loss of trust.

Trust is a vital commodity that cannot be bought and it’s harder to keep as cyber threats evolve. No organisation can guarantee or claim 100% security because what was deemed ‘healthy’ a year ago, may now be at risk from new threats - companies must therefore adapt and take steps to mitigate risk.

This starts with good cyber hygiene habits, and we’ve found that companies that deploy threat detection and response measures report breach event rates that are nine times lower than for companies whose hygiene rating is very bad.

How To Improve Cyber Hygiene

Returning to our car analogy. I mentioned the importance of maintaining a vehicle’s tyres, putting in the right fuel, changing the oil, etc. but even a well-maintained vehicle can then be crashed into. This is where car insurance plays a vital role to protect your vehicle against the unexpected and get you back on the road.

The same can be illustrated in cyberspace. As vendor networks grow and become more interlinked, good cyber hygiene habits can act as insurance. However, we know how quickly cyber threats can evolve and more businesses are becoming aware that they don’t have to do it all by themselves. Automated risk assessments, continuous monitoring, and the ability to pinpoint high-risk vendors can help businesses gain visibility on the blind spots that leave them exposed to danger – and act fast to avoid attacks, whilst maintaining trust with their partners and customers. 

By leaning on this expertise, businesses can now gain enhanced understanding of the risks facing them, zoom in on suspicious network traffic spikes, and move fast to erect robust safeguards against DDoS and web application attacks. 

Withstand Future Threats By Preparing For Tomorrow

The interconnected cyber world of today means that no business is immune from risk, especially as we’re seeing more evidence of more geopolitical motivations and more systemic attacks. However, to protect the hard-earned trust that a business depends on, they must identify the threats of today, and anticipate the threats of tomorrow. 

I’ve illustrated how those businesses which maintain good cyber hygiene habits and widen their visibility over their networks, and those of their partners, will be stronger and more prepared to withstand future threats, thus enabling them to build a stronger global digital ecosystem, building trust with customers and consumers.

Rigo Van den Broeck is Executive Vice President of cybersecurity product innovation at Mastercard

Image: Mariia Shalabaieva

You Might Also Read:

Mid-market Organisations At Greater Risk:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Russian Hackers Have New Tools
HSBC Mobile Banking App Fails »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

Telecommunications Industry Association (TIA)

Telecommunications Industry Association (TIA)

TIA works to secure trust in networks by advocating public policy positions on the security of ICT equipment and services related to critical infrastructure, supply chain and information sharing.

Online Business Systems

Online Business Systems

Online Business Systems is an information technology and business consultancy. We design improved business processes enabled with robust and secure information systems.

Cyversity

Cyversity

Cyversity's mission (formerly ICMCP) is the consistent representation of women and underrepresented minorities in the cybersecurity industry.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

Vivitec

Vivitec

Vivitec security services are tailored for your business, industry, risk, technology, and size to ensure great protection and planned response for the inevitable cyber-attacks on your business.

Genius Guard

Genius Guard

Genius Guard specializes in DDoS Protection, DDoS Protected Webhosting, HYIP Hosting, Bitcoin Hosting, Cryptocurrency Hosting.

Sydeco

Sydeco

Sydeco offer a complete range of products that secure computer and industrial networks, servers, programs and data against any type of computer attack.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

Technoware Solutions

Technoware Solutions

Technoware Solutions is a global company committed to helping entities navigate the digital waters of modernizing their system processes in an ever changing cybersecurity landscape.

Mantodea Security

Mantodea Security

Mantodea Security is an industry-agnostic powerhouse backed by extensive experience and expertise in the realm of IT security.

Haiku

Haiku

Haiku stands at the forefront of cybersecurity upskilling, leveraging video games to immerse you in a flow state for accelerated, enduring learning.

Umbrella Cyber

Umbrella Cyber

Umbrella Cyber specialises in Cyber Essentials and Cyber Essentials Plus Certification and penetration testing.