Encouraging a security-first mindset
Security has to be seen from a business perspective as well as a technical one


A cyber incident can be catastrophic for any company, and all firms would be well-advised to adopt a watertight approach to security practices.
Despite this, the UK government’s Cyber security breaches survey 2023 found that UK cyber hygiene has declined since 2021, with the use of password policies falling from 79% to 70% and network firewalls from 75% to 67% across the period.
In this episode, Rory is joined by Steve Furnell, IEEE senior member and professor of cybersecurity at the University of Nottingham, to discuss how IT leaders can drive a cultural shift within their organizations to put security at the forefront of decision-making.
Highlights
“People are choosing less than strong passwords, we could say. But where do they get the support to understand what good looks like? Being given the device choose a strong password is only any use if you know what a strong password is and how to differentiate it from a weak one.”
“I think the divergence, particularly between the large organizations and the smaller ones, is an issue of awareness and recognition of cybersecurity as a thing that matters or ought to matter to them.”
“If we're thinking about the security team, the CISO or whoever's going in and representing security, they need to be mindful of communicating it in a way that the board, the executive team, the C-suite will understand.”
Footnotes
- What is DevSecOps and why is it important?
- Five things to consider before choosing an MFA solution
- What is two-factor authentication?
- The sooner the FIDO Alliance can shut down passwords, the better
- The top 12 password-cracking techniques used by hackers
- Revealed: The top 200 most common passwords of 2022
- NCSC expands incident response scheme to support smaller at-risk organizations

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.
In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.