Fundamental Steps to Becoming (and Staying) Cyber-Smart

With accelerating demand on technology and the use of internet-connected platforms, good cyber-hygiene is increasingly important for all businesses and their employees.

Cyber threats, social engineering attacks, digital computing vulnerabilities and data breaches are on the rise, putting the security of our sensitive information at great risk. It’s more crucial than ever to implement cyber-safe practices and ensure all employees remain cyber-smart, all the time. 

We sat down with Rizza Menor, our InfoSec Monitoring and Surveillance Manager, to learn about her guide to becoming, and staying, cyber-smart.

Read on for Rizza’s guide:

The fundamentals

The fundamental tips below will help you to build an effective enterprise security posture that proactively manages risks and protects you and your organisation against cyber attacks.

  • Build the right people, appropriate security technology and a strong, resilient cybersecurity process for your organisation
  • Establish a holistic cyber security framework (like NIST, CIS, ISO, etc.) that will help you build your organisation’s Security Standards, Guidelines and Policies. You should have periodic reviews and assessments of your standards and policies, ensuring that your security strategies are aligned with your business initiatives and priorities
  • Assess your overall security posture - know your threats, identify the gaps and establish security controls to address the gaps
  • Strengthen your security controls, covering but not limited to your network infrastructure, servers, endpoints, application, mobile, data and backups
  • Enhance your compliance and protection of sensitive information, addressing your privacy requirements and regulatory obligations
  • Improve your security capabilities in vulnerability and patch management, data protection, user access and authentication, privileged access management, log auditing and monitoring, incident response, penetration testing, Cloud security, 3rd party vendor management and so on
  • Security risk assessments of ALL applications before Go Live are a MUST – this will help you manage and remediate the risk and identify appropriate security controls to reduce or address security vulnerabilities
  • Continuous user education and awareness programs for all employees on cyber security and the importance of complying with security policies. Cybersecurity is everyone’s responsibility.

Daily practices for staying cyber-smart

We’re at risk every time we use digital technology and the internet. Following the six security hygiene steps below will help you stay cyber-safe day to day:

1. Protect your devices, browsers and apps. Keep everything up-to-date! 

  • Install anti-virus protection software and keep it updated
  • Patch your computer (turn on automatic updates for your operating system)
  • Be careful when downloading and installing software (i.e. check that it’s trusted software and comes from trusted sites)
  • Keep your web browsers and their plug-ins (Flash, Java, etc.) up-to-date
  • Backup your data regularly

2. Practise strong password management. Make passwords unique, complex, reset them regularly and do not recycle them!

  • Create a strong, complex password (mix of upper and lower-case letters, numbers and symbols)
  • Change your password regularly
  • Do not recycle or use a previous password when resetting
  • Create a unique password and do not use it for any other accounts/applications
  • Use passcodes on your phone even if they are optional; set a strong passcode, not just the default 4-digit PIN

3. Educate yourself about phishing scams. Practise zero trust!

  • Be very vigilant when opening attachments and links from an email, and beware of giving information on phone calls

4. Protect sensitive information

  • Be careful about what you share with your social media accounts. Always protect your Personally-Identifying Information to prevent identity theft
  • Review your privacy settings across all your social media accounts (e.g. Facebook, Instagram)
  • Be careful when giving your banking or credit card information; make sure the payment site is secure and legitimate
  • Use different email addresses for different purposes (e.g. use one address for social media, another for bank/government related accounts)
  • Securely remove sensitive data from your devices when they are no longer needed

5. Practise safe web browsing. If the site looks suspicious, do not proceed!

  • Turn off the ‘Save Password’ browser feature
  • Clear your browser cache regularly

6. Be careful of free Wi-Fi and downloads

  • If there’s really a need to access the free internet where you are, avoid doing bank transactions or online purchases while connected to the free Wi-Fi network

Ensuring our teams at Optus are up-to-date and cyber-aware

You can empower employees to be cyber smart by implementing cybersecurity awareness programs. These can include email/blog campaigns, compliance training, and ensuring they understand and comply with your organisation’s security standards and policies.

Your cyber team should also be readily available for anyone’s cyber-related questions and guidance.

At Optus, cyber security is of utmost priority, and an integral part of any new product, solution or service we launch. We endeavour to ensure we protect our customers’ data at all times and assure that our employees are equipped with the knowledge they need to be cyber smart.

We offer all of our people:

  • Continuous security awareness campaigns and education
  • IT learning pathway and development plan for individuals, catering for cyber security skills and capabilities enhancement
  • Numerous learning resources readily available, and the freedom to take ownership of your own training schedule with CX Academy, Optus U and Percipio, to name a few

I am privileged to work with amazing security teams at Optus, and with great leaders who give me all the guidance and support I need to deliver my tasks.

We are provided with continuous learning, training and workshops to enable us to stay on top of the latest security threats and solutions, and given every opportunity to develop our expertise to the highest level.

Are you passionate about all things cyber security, too? Keep an eye on job openings with our team at Optus here
