What Is Cyber Hygiene & Why Is It Important?

By 2025, Cybercrime is set to cost $10.3 trillion worldwide. It is a growing, multi-pronged threat that excels at evading detection and if left unchecked it can pose major systemic risks to critical infrastructure. 

This is significant as an organisation’s customers, partners, and other third parties depend on them having good cyber habits to stay ahead of threats and vulnerabilities that could take potentially down an IT network. 

I like to give the example of driving a car – every car needs to be maintained in good working order (checking the tyres, putting in the right fuel, keeping it insured, etc.) - and an organisation’s cybersecurity is exactly the same: this is called ‘cyber hygiene. Unfortunately, too many organisations are still failing to practice good cyber hygiene.

This leaves their networks wide open to attacks and risks is only financial damage, but reputational, with the risk that it could destroy customer trust.

Therefore, it is important to know where your network vulnerabilities are, the vulnerabilities of your third parties and suppliers they engage with, so your entire supply chain is as secure as it can be. 

Increasing Cybersecurity Resilience

An organisation might think they’ve protected themselves, but can they confidently say the same about the third parties they deal with, and then the third parties that those businesses deal with, i.e. the fourth party vendors. 
If we return to our car analogy, imagine you’re driving along a road and the traffic is flowing smoothly, until there is a collision up ahead or on a neighbouring street and the road is closed. The ripple effect of this is disruption to the surrounding network and you find yourself brought to a halt through no fault of your own. The reason for this is because the road network is interconnected, and it’s no different to digital networks.

A high-profile example of this in the digital space was a recent hack into a third-party vendor that caused multi-day outages to their client’s internal systems. It resulted in financial losses of nearly $9 million per day, a sizable drop in the company’s stock price and a vital loss of trust.

Trust is a vital commodity that cannot be bought and it’s harder to keep as cyber threats evolve. No organisation can guarantee or claim 100% security because what was deemed ‘healthy’ a year ago, may now be at risk from new threats - companies must therefore adapt and take steps to mitigate risk.

This starts with good cyber hygiene habits, and we’ve found that companies that deploy threat detection and response measures report breach event rates that are nine times lower than for companies whose hygiene rating is very bad.

How To Improve Cyber Hygiene

Returning to our car analogy. I mentioned the importance of maintaining a vehicle’s tyres, putting in the right fuel, changing the oil, etc. but even a well-maintained vehicle can then be crashed into. This is where car insurance plays a vital role to protect your vehicle against the unexpected and get you back on the road.

The same can be illustrated in cyberspace. As vendor networks grow and become more interlinked, good cyber hygiene habits can act as insurance. However, we know how quickly cyber threats can evolve and more businesses are becoming aware that they don’t have to do it all by themselves. Automated risk assessments, continuous monitoring, and the ability to pinpoint high-risk vendors can help businesses gain visibility on the blind spots that leave them exposed to danger – and act fast to avoid attacks, whilst maintaining trust with their partners and customers. 

By leaning on this expertise, businesses can now gain enhanced understanding of the risks facing them, zoom in on suspicious network traffic spikes, and move fast to erect robust safeguards against DDoS and web application attacks. 

Withstand Future Threats By Preparing For Tomorrow

The interconnected cyber world of today means that no business is immune from risk, especially as we’re seeing more evidence of more geopolitical motivations and more systemic attacks. However, to protect the hard-earned trust that a business depends on, they must identify the threats of today, and anticipate the threats of tomorrow. 

I’ve illustrated how those businesses which maintain good cyber hygiene habits and widen their visibility over their networks, and those of their partners, will be stronger and more prepared to withstand future threats, thus enabling them to build a stronger global digital ecosystem, building trust with customers and consumers.

Rigo Van den Broeck is Executive Vice President of cybersecurity product innovation at Mastercard

Image: Mariia Shalabaieva

You Might Also Read:

Mid-market Organisations At Greater Risk:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Russian Hackers Have New Tools
HSBC Mobile Banking App Fails »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

TWNCERT

TWNCERT

TWNCERT is the National Computer Emergency Response Team of Taiwan.

Codeproof Technologies

Codeproof Technologies

The Codeproof enterprise mobility solution empowers your business to secure, deploy and manage mobile applications and data on smartphones, tablets, IoT devices and more.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

FoxTech

FoxTech

FoxTech is an independent, friendly and deeply specialised cyber security company in the UK, with expertise spanning decades of Public Sector and Government services.

NCC-CSIRT (Nigerian Communications Commission)

NCC-CSIRT (Nigerian Communications Commission)

NCC has established a CSIRT for the telecommunication industry to provide services and support for the prevention and management of potential cyber security related emergencies.

Lucidum

Lucidum

The Lucidum platform helps you assess risk and mitigate vulnerabilities by finding and correlating data from your security tech stack.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

X-Analytics

X-Analytics

X-Analytics is a cyber risk analytics application to create a better way for organizations to understand and manage cyber risk.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

BLOCX

BLOCX

BLOCX is designed to address the ever-growing challenges of managing and securing digital devices, from personal computers to corporate networks.

Vantyr

Vantyr

Vantyr's core mission is to safeguard the business-led adoption of SaaS applications by automating the lifecycle management and security of non-human identities.

Runtime Ventures

Runtime Ventures

Runtime Ventures focuses on seed and pre-seed stage cybersecurity investments. We love to work with ambitious founders building the future of the secure enterprise.