What Is Cyber Hygiene & Why Is It Important?

By 2025, Cybercrime is set to cost $10.3 trillion worldwide. It is a growing, multi-pronged threat that excels at evading detection and if left unchecked it can pose major systemic risks to critical infrastructure. 

This is significant as an organisation’s customers, partners, and other third parties depend on them having good cyber habits to stay ahead of threats and vulnerabilities that could take potentially down an IT network. 

I like to give the example of driving a car – every car needs to be maintained in good working order (checking the tyres, putting in the right fuel, keeping it insured, etc.) - and an organisation’s cybersecurity is exactly the same: this is called ‘cyber hygiene. Unfortunately, too many organisations are still failing to practice good cyber hygiene.

This leaves their networks wide open to attacks and risks is only financial damage, but reputational, with the risk that it could destroy customer trust.

Therefore, it is important to know where your network vulnerabilities are, the vulnerabilities of your third parties and suppliers they engage with, so your entire supply chain is as secure as it can be. 

Increasing Cybersecurity Resilience

An organisation might think they’ve protected themselves, but can they confidently say the same about the third parties they deal with, and then the third parties that those businesses deal with, i.e. the fourth party vendors. 
If we return to our car analogy, imagine you’re driving along a road and the traffic is flowing smoothly, until there is a collision up ahead or on a neighbouring street and the road is closed. The ripple effect of this is disruption to the surrounding network and you find yourself brought to a halt through no fault of your own. The reason for this is because the road network is interconnected, and it’s no different to digital networks.

A high-profile example of this in the digital space was a recent hack into a third-party vendor that caused multi-day outages to their client’s internal systems. It resulted in financial losses of nearly $9 million per day, a sizable drop in the company’s stock price and a vital loss of trust.

Trust is a vital commodity that cannot be bought and it’s harder to keep as cyber threats evolve. No organisation can guarantee or claim 100% security because what was deemed ‘healthy’ a year ago, may now be at risk from new threats - companies must therefore adapt and take steps to mitigate risk.

This starts with good cyber hygiene habits, and we’ve found that companies that deploy threat detection and response measures report breach event rates that are nine times lower than for companies whose hygiene rating is very bad.

How To Improve Cyber Hygiene

Returning to our car analogy. I mentioned the importance of maintaining a vehicle’s tyres, putting in the right fuel, changing the oil, etc. but even a well-maintained vehicle can then be crashed into. This is where car insurance plays a vital role to protect your vehicle against the unexpected and get you back on the road.

The same can be illustrated in cyberspace. As vendor networks grow and become more interlinked, good cyber hygiene habits can act as insurance. However, we know how quickly cyber threats can evolve and more businesses are becoming aware that they don’t have to do it all by themselves. Automated risk assessments, continuous monitoring, and the ability to pinpoint high-risk vendors can help businesses gain visibility on the blind spots that leave them exposed to danger – and act fast to avoid attacks, whilst maintaining trust with their partners and customers. 

By leaning on this expertise, businesses can now gain enhanced understanding of the risks facing them, zoom in on suspicious network traffic spikes, and move fast to erect robust safeguards against DDoS and web application attacks. 

Withstand Future Threats By Preparing For Tomorrow

The interconnected cyber world of today means that no business is immune from risk, especially as we’re seeing more evidence of more geopolitical motivations and more systemic attacks. However, to protect the hard-earned trust that a business depends on, they must identify the threats of today, and anticipate the threats of tomorrow. 

I’ve illustrated how those businesses which maintain good cyber hygiene habits and widen their visibility over their networks, and those of their partners, will be stronger and more prepared to withstand future threats, thus enabling them to build a stronger global digital ecosystem, building trust with customers and consumers.

Rigo Van den Broeck is Executive Vice President of cybersecurity product innovation at Mastercard

Image: Mariia Shalabaieva

You Might Also Read:

Mid-market Organisations At Greater Risk:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Russian Hackers Have New Tools
HSBC Mobile Banking App Fails »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Napatech

Napatech

Napatech develops and manufactures high speed network accelerators specifically designed for real-time network monitoring and analysis applications.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

FRSecure

FRSecure

FRSecure is a full-service information security management company that protects sensitive, confidential business information from unauthorized access, disclosure, distribution and destruction.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

ACA Group

ACA Group

ACA Group are a leading governance, risk, and compliance (GRC) advisor in financial services.

WebSec B.V.

WebSec B.V.

WebSec is a Dutch Cybersecurity firm mainly focused on offensive security services such as pentesting, red teaming and security awareness and phishing campaigns.

cleverDome

cleverDome

cleverDome has created the first community built and proven model that redefines the standards for protecting the most confidential data and information of consumers in the cloud.

Aura

Aura

Aura is a mission driven technology company dedicated to creating a safer internet for everyone. We’re making comprehensive digital security that's simple to understand and easy to use.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

LayerX Security

LayerX Security

LayerX's user-first browser security platform turns any browser into the most protected & manageable workspace, by providing real-time monitoring and governance over users’ activities on the web.

Threatsys Technologies

Threatsys Technologies

Threatsys’s Integrated cyber security process helps your organizations to ensure that it’s secure from any fraudulent attacks.

Pointsharp

Pointsharp

Pointsharp delivers software and services that help organizations secure data, identities, and access in a user-friendly way.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

Xeol

Xeol

Software free of vulnerabilities, built and distributed by trusted entities. Our mission is to help customers secure their software from code to deploy.