Damages caused by cybercrime are expected to cost US$10.5 trillion per year by 2025 in the world. The situation, constantly evolving, should therefore not be taken lightly. Threat actors are constantly finding new ways to attack organizations. And yet, only 60 % of public transportation agencies are prepared for a cybersecurity attack.
That's where cyber hygiene comes in.
By maintaining security levels and keeping your organization's systems, devices, and procedures up to date – whether, for example, through secure communications or by taking out cyber insurance – you significantly reduce your chances of being the victim of a cyberattack.
The first step: supply chain risk management
Cyber threats are everywhere. That's why it's important to do everything you can to limit your organization's vulnerabilities. Through supply chain risk management, you build a strong network of trusted suppliers and secure your supply chain end to end. This strengthens your organization's physical security and helps protect you against potential cyberattacks.
It is important to communicate and work closely with your partners and suppliers to fully understand their data protection and privacy policies. After all, the highest level of resilience against cyber threats is not achieved alone. It is reached when all parties involved commit to following best practices.
You can start this dialogue by asking your suppliers and partners the following questions, which are addressed in more detail on our Trust Network page :
- How transparent are my suppliers about their vulnerabilities?
- Do my suppliers prioritize security in the development of their products?
- Have they implemented a comprehensive strategy to reduce security flaws and vulnerabilities?
By asking these questions, your organization is best positioned to prevent a cyberattack and, if the worst should happen, to respond to it.
Detecting suspicious communications
Threat actors use social engineering campaigns – such as phishing or pretexting attacks – to trick you into unknowingly providing sensitive information and thereby give them access to your private data. That's why it's vital for your organization's physical security to ensure that all your employees can effectively detect and counter attempts at suspicious communication.
Mistakes can always happen. But keeping an eye out for unusual communication requests and thinking before clicking on links or messages are some of the ways that can help protect your organization against cyberattacks.
Methodically raise users' awareness from the outset
Given that a cyberattack can have long-term negative impacts on your organization – whether financial loss or data loss – methodically raising your employees' awareness is a long-term investment.
Raising your employees' awareness of cyber hygiene is an ongoing process that should begin as soon as they join. By explaining the importance of strategies such as choosing strong passwords, using lockout devices, and identifying social engineering attacks, your organization can limit the risks of human error while maintaining best practices.
Add financial protection through cyber insurance
There are no fewer than 12 different types of coverage for cyber threats, which means you'll need to do some research before finding the cyber insurance that meets your organization's needs. With cyberattacks on the rise, investing in the right policy should be an essential part of your cybersecurity strategy.
Given the large number of options available, reading the fine print is a key part of the insurance selection process, as it will determine the exact coverage you will receive in the event of a cyberattack. Alongside a careful selection process, it's important to understand your insurer's claims process to avoid any additional confusion and stress in the event of a cyberattack.
While cyber insurance is a good way to mitigate the financial risk of cyberattacks, carefully vetting your suppliers, partners, systems, and devices, and defining an effective risk mitigation plan are all essential steps to protect your organization against cyberattacks. Never forget that a single vulnerability is one vulnerability too many.
Good cyber hygiene is a team effort
Cyber hygiene is not just about securing systems and devices; it also requires time and attention across many aspects of your organization.
Because the security level of your physical security system is only as strong as the least reliable device connected to it, there is little room for error.
By focusing on maintaining good cyber hygiene through supply chain risk management, secure exchanges, user awareness, and cyber insurance, you can protect your organization against constantly evolving cyber threats.
To learn more about how to build solid foundations for physical security, consult our Trust Center, which offers a wide range of relevant information and resources.
About Genetec
Genetec Inc. develops open-architecture software, hardware, and cloud services for the physical and public security industry. Its flagship product, Security Center, unifies IP video surveillance, access control, and automatic license plate recognition (ALPR) into a single platform.
This blog post is made possible thanks to our great partner Genetec as part of the Cybersecurity and Safety in Transportation Forum, an initiative of Propulsion Québec and supported by the Government of Québec.
