What Is Cyber Hygiene & Why Is It Important?

By 2025, Cybercrime is set to cost $10.3 trillion worldwide. It is a growing, multi-pronged threat that excels at evading detection and if left unchecked it can pose major systemic risks to critical infrastructure. 

This is significant as an organisation’s customers, partners, and other third parties depend on them having good cyber habits to stay ahead of threats and vulnerabilities that could take potentially down an IT network. 

I like to give the example of driving a car – every car needs to be maintained in good working order (checking the tyres, putting in the right fuel, keeping it insured, etc.) - and an organisation’s cybersecurity is exactly the same: this is called ‘cyber hygiene. Unfortunately, too many organisations are still failing to practice good cyber hygiene.

This leaves their networks wide open to attacks and risks is only financial damage, but reputational, with the risk that it could destroy customer trust.

Therefore, it is important to know where your network vulnerabilities are, the vulnerabilities of your third parties and suppliers they engage with, so your entire supply chain is as secure as it can be. 

Increasing Cybersecurity Resilience

An organisation might think they’ve protected themselves, but can they confidently say the same about the third parties they deal with, and then the third parties that those businesses deal with, i.e. the fourth party vendors. 
If we return to our car analogy, imagine you’re driving along a road and the traffic is flowing smoothly, until there is a collision up ahead or on a neighbouring street and the road is closed. The ripple effect of this is disruption to the surrounding network and you find yourself brought to a halt through no fault of your own. The reason for this is because the road network is interconnected, and it’s no different to digital networks.

A high-profile example of this in the digital space was a recent hack into a third-party vendor that caused multi-day outages to their client’s internal systems. It resulted in financial losses of nearly $9 million per day, a sizable drop in the company’s stock price and a vital loss of trust.

Trust is a vital commodity that cannot be bought and it’s harder to keep as cyber threats evolve. No organisation can guarantee or claim 100% security because what was deemed ‘healthy’ a year ago, may now be at risk from new threats - companies must therefore adapt and take steps to mitigate risk.

This starts with good cyber hygiene habits, and we’ve found that companies that deploy threat detection and response measures report breach event rates that are nine times lower than for companies whose hygiene rating is very bad.

How To Improve Cyber Hygiene

Returning to our car analogy. I mentioned the importance of maintaining a vehicle’s tyres, putting in the right fuel, changing the oil, etc. but even a well-maintained vehicle can then be crashed into. This is where car insurance plays a vital role to protect your vehicle against the unexpected and get you back on the road.

The same can be illustrated in cyberspace. As vendor networks grow and become more interlinked, good cyber hygiene habits can act as insurance. However, we know how quickly cyber threats can evolve and more businesses are becoming aware that they don’t have to do it all by themselves. Automated risk assessments, continuous monitoring, and the ability to pinpoint high-risk vendors can help businesses gain visibility on the blind spots that leave them exposed to danger – and act fast to avoid attacks, whilst maintaining trust with their partners and customers. 

By leaning on this expertise, businesses can now gain enhanced understanding of the risks facing them, zoom in on suspicious network traffic spikes, and move fast to erect robust safeguards against DDoS and web application attacks. 

Withstand Future Threats By Preparing For Tomorrow

The interconnected cyber world of today means that no business is immune from risk, especially as we’re seeing more evidence of more geopolitical motivations and more systemic attacks. However, to protect the hard-earned trust that a business depends on, they must identify the threats of today, and anticipate the threats of tomorrow. 

I’ve illustrated how those businesses which maintain good cyber hygiene habits and widen their visibility over their networks, and those of their partners, will be stronger and more prepared to withstand future threats, thus enabling them to build a stronger global digital ecosystem, building trust with customers and consumers.

Rigo Van den Broeck is Executive Vice President of cybersecurity product innovation at Mastercard

Image: Mariia Shalabaieva

You Might Also Read:

Mid-market Organisations At Greater Risk:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Russian Hackers Have New Tools
HSBC Mobile Banking App Fails »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Ascentor

Ascentor

Ascentor specialises in independent information and cyber security consultancy. We’re experienced industry experts, providing cyber security services since 2004.

ISC2

ISC2

ISC2 is an international, non-profit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Nameshield Group

Nameshield Group

Nameshield is one of most experienced domain name registrars, trademark protection specialists and managers of online reputational risk in the world today.

Spin Technology

Spin Technology

SpinOne is a SaaS data protection platform designed to monitor, secure, and back up your G Suite and O365 data, improve compliance, and reduce IT costs.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

HARMAN International

HARMAN International

HARMAN designs and engineers connected products and solutions for automakers, consumers, and enterprises worldwide.

Securosys

Securosys

Securosys is a technology company dedicated to securing data and communications. We develop, produce, and distribute hardware, software and services that protect and verify data and their transmission

Avalanchio Technologies

Avalanchio Technologies

The Avalanchio platform gives you a complete solution to collect, process, and analyze security data to detect threats in real-time and analyze historical data using security DSL or SQL.

Pillr

Pillr

Pillr is a cybersecurity operations platform capable of adapting to the demands of your business and team — and the global threat landscape.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

RealDefense

RealDefense

RealDefense develops and markets various privacy, security and optimization technologies and services for consumers and small businesses.

Mindcore Technologies

Mindcore Technologies

Mindcore provide cyber security services, managed IT services and IT consulting services to businesses in NJ, FL, and throughout the United States.

Identifid

Identifid

Identifid offers a suite of fraud prevention and identity authentication solutions to businesses and governments using the latest advances in AI, vision processing, and biometric recognition.

SOCRadar

SOCRadar

SOCRadar is an Extended Threat Intelligence (XTI) SaaS platform that combines External Attack Surface Management (EASM), Digital Risk Protection Services (DRPS), and Cyber Threat Intelligence (CTI).