Cyber security resolutions for 2018

Prompted by high profile attacks including those on the the NHS is the UK and on infrastructure in the Ukraine, cyber security was in the spotlight in 2017. Sam Reed shares his pick of cyber security resolutions for 2018.

As we enter 2018, we can expect this focus on cyber security to continue as technological advances give the internet an even more prominent role in all aspects of our lives. 

So, making some cyber security resolutions for the new year will stand you in good stead. 

Protect your connected devices 

The growth in the internet of things (IoT) is set to continue in 2018 and bring many benefits to our lives. At work, it can lead to greater productivity, while practices like remote working will become more common as the IoT gives staff greater flexibility to work off site.

Unfortunately, having more devices connected to the internet brings an added security threat. IoT devices can be hijacked by cyber criminals who can turn them into botnets and use them to carry out large scale attacks. That’s exactly how the Mirai botnet attack in 2016  brought down sites like Netflix and Twitter.

To protect your IoT devices, start with basic measures like changing the default password and installing software updates regularly. 

Move away from traditional passwords

Traditional passwords are a weak way of protecting sensitive business data because they rely on people following best practice rules they can easily ignore.

In 2018, it is a good idea to take advantage of better password protection procedures that are available. Two-step authentication is already becoming more common and now multi-factor authentication is likely to incorporate further layers of security. Biometrics like fingerprints, voice recognition and facial scans will also be used for identification more widely.

Since mobile phones are often used in multi-step authentication, make sure they are protected too. 

Make sure you are ready for GDPR

The introduction of the General Data Protection Regulation (GDPR) in May 2018 (in Europe) will raise the bar in terms of keeping people’s personal data safe. If you haven’t already done so, then now is the time to review what personal data you hold and the data governance procedures you have in place.

You need to ensure you have the right procedures in place to detect, report and investigate data breaches. It is better to have preventative measures in place rather than being reactive, so it’s worthwhile investing in technology to keep you one step ahead of cyber criminals. 

Prepare for more ransomware attacks 

The ransomware attacks we experienced this year are unlikely to subside in 2018. If anything, we expect cyber criminals to have new tools at their disposal which will make it easier for novices to carry out attacks.

So make sure you learn from the mistakes of the past and don’t get caught out. One thing that was clear from the attacks of 2017 is that humans are often the weak link when it comes to cybersecurity. All your staff therefore need to undergo cyber security training. The National Cyber Security Centre lays out 10 steps you can take to educate staff on how to prevent online threats. That means everyone can help your business stay protected in 2018.


Sam Reed is the chief technology officer at Air IT.
Photo by NordWood Themes on Unsplash