What Is Cyber Hygiene & Why Is It Important?

Uploaded on 2023-11-23 in TECHNOLOGY--Resilience, FREE TO VIEW

By 2025, Cybercrime is set to cost $10.3 trillion worldwide. It is a growing, multi-pronged threat that excels at evading detection and if left unchecked it can pose major systemic risks to critical infrastructure. 

This is significant as an organisation’s customers, partners, and other third parties depend on them having good cyber habits to stay ahead of threats and vulnerabilities that could take potentially down an IT network. 

I like to give the example of driving a car – every car needs to be maintained in good working order (checking the tyres, putting in the right fuel, keeping it insured, etc.) - and an organisation’s cybersecurity is exactly the same: this is called ‘cyber hygiene. Unfortunately, too many organisations are still failing to practice good cyber hygiene.

This leaves their networks wide open to attacks and risks is only financial damage, but reputational, with the risk that it could destroy customer trust.

Therefore, it is important to know where your network vulnerabilities are, the vulnerabilities of your third parties and suppliers they engage with, so your entire supply chain is as secure as it can be. 

Increasing Cybersecurity Resilience

An organisation might think they’ve protected themselves, but can they confidently say the same about the third parties they deal with, and then the third parties that those businesses deal with, i.e. the fourth party vendors. 
If we return to our car analogy, imagine you’re driving along a road and the traffic is flowing smoothly, until there is a collision up ahead or on a neighbouring street and the road is closed. The ripple effect of this is disruption to the surrounding network and you find yourself brought to a halt through no fault of your own. The reason for this is because the road network is interconnected, and it’s no different to digital networks.

A high-profile example of this in the digital space was a recent hack into a third-party vendor that caused multi-day outages to their client’s internal systems. It resulted in financial losses of nearly $9 million per day, a sizable drop in the company’s stock price and a vital loss of trust.

Trust is a vital commodity that cannot be bought and it’s harder to keep as cyber threats evolve. No organisation can guarantee or claim 100% security because what was deemed ‘healthy’ a year ago, may now be at risk from new threats - companies must therefore adapt and take steps to mitigate risk.

This starts with good cyber hygiene habits, and we’ve found that companies that deploy threat detection and response measures report breach event rates that are nine times lower than for companies whose hygiene rating is very bad.

How To Improve Cyber Hygiene

Returning to our car analogy. I mentioned the importance of maintaining a vehicle’s tyres, putting in the right fuel, changing the oil, etc. but even a well-maintained vehicle can then be crashed into. This is where car insurance plays a vital role to protect your vehicle against the unexpected and get you back on the road.

The same can be illustrated in cyberspace. As vendor networks grow and become more interlinked, good cyber hygiene habits can act as insurance. However, we know how quickly cyber threats can evolve and more businesses are becoming aware that they don’t have to do it all by themselves. Automated risk assessments, continuous monitoring, and the ability to pinpoint high-risk vendors can help businesses gain visibility on the blind spots that leave them exposed to danger – and act fast to avoid attacks, whilst maintaining trust with their partners and customers. 

By leaning on this expertise, businesses can now gain enhanced understanding of the risks facing them, zoom in on suspicious network traffic spikes, and move fast to erect robust safeguards against DDoS and web application attacks. 

Withstand Future Threats By Preparing For Tomorrow

The interconnected cyber world of today means that no business is immune from risk, especially as we’re seeing more evidence of more geopolitical motivations and more systemic attacks. However, to protect the hard-earned trust that a business depends on, they must identify the threats of today, and anticipate the threats of tomorrow. 

I’ve illustrated how those businesses which maintain good cyber hygiene habits and widen their visibility over their networks, and those of their partners, will be stronger and more prepared to withstand future threats, thus enabling them to build a stronger global digital ecosystem, building trust with customers and consumers.

Rigo Van den Broeck is Executive Vice President of cybersecurity product innovation at Mastercard

Image: Mariia Shalabaieva

You Might Also Read:

Mid-market Organisations At Greater Risk:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Russian Hackers Have New Tools
HSBC Mobile Banking App Fails »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Digital Gurus Recruitment

Digital Gurus Recruitment

Digital Gurus provide specialist recruitment services in areas including IT and information security

SecDev

SecDev

SecDev is a consulting firm working at the intersection of geopolitical, digital, urban, energy and cyber risk.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Cybersecurity and Data Protection.

Telspace Systems

Telspace Systems

Telspace Systems provides penetration testing, vulnerability assessment and training services.

Georgia Cyber Center

Georgia Cyber Center

Georgia Cyber Center is dedicated to training the next generation of professionals through education and real-world practice while also supporting innovation in new technologies for online defenses.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

Cycode

Cycode

Cycode is the industry’s first source code control, detection, and response platform.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

Darkscope

Darkscope

Darkscope is an award-winning personalised cyber intelligence service provider. Our cutting-edge AI and Deep Artificial Neural Networks lead the world of cyber intelligence solutions.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

Cisco Systems

Cisco Systems

Cisco helps seize the opportunities of tomorrow by proving that amazing things can happen when you connect the unconnected.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

Cyber Security Council UAE

Cyber Security Council UAE

The Cyber Security Council's vision is to protect UAE cyberspace, maintain confidence in our digital infrastructure and institutions, and build a cyber-resilient society.

RightCue Assurance

RightCue Assurance

RightCue Assurance identify opportunities for improvement in the Information Security for your organisation and work with you to reduce cyber risk.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.