by Bradley Hammond Bradley Hammond No Comments

As a recognised partner and supplier by the London Stock Exchange, Brighter IR were invited to attend their superb masterclass on Cyber Security.

The event was full of speakers at the forefront of their fields including Richard Horne (Cyber Security Partner at PwC), Dave Palmer (Director of Technology at Darktrace), Mike Spradbery (Technical Leader at IBM Security UK & Ireland), Raj Samani (Chief Scientist at McAfee) and Lord Jonathan Evans (Previous head of MI5).

They covered a wide range of cyber security issues, including prevention, future security trends and what to do if the worst should happen.

Don’t worry if you missed it, the whole four and half hours was recorded and put on their website here.

I’m not going to go over all the insights covered, as fascinating as they were, instead I’d like to focus on one – people.

Throughout the day there was a consistent theme: the biggest cyber security risk to a company was actually the people working in their organisation (and not in a malicious way). It can be as innocent from opening spam emails to using weak passwords – these all add to your overall vulnerability.

As one of the speakers put it – if we get the basics right in our personal lives, then this will transfer into our working lives too. With this in mind I’m going to list out some of the basic things we can all do to ensure we’re as safe as possible.

1) Passwords

Dave Palmer from Darktrace presented this chart during his talk. It was very surprising to see the jump in time it takes a hacker to break the password when a character is added. This really emphasises that simple, short passwords just don’t cut it.

Password Length Time to hack
8 characters 2.2 seconds
9 characters 2 minutes
10 characters 2 hours
11 characters 6 days
12 characters 1 year
13 characters 64 years

2) 2-Step Authentication

Simply a must – especially for major services like your email provider. I know some people find it annoying but two factor authentication is a great step in holding back any potential hackers.

3) Updates

Hackers always target vulnerabilities in any system, and companies like Microsoft, Apple & WordPress (our favourite web framework) release regular updates to plug these holes. So any time you see the ‘1’ symbol against your general settings on your iPad or your Windows PC requesting a restart – DO IT!

4) Public Wi-Fi

This topic did cause some debate, but I think it all depends on what you’re using it for. If your son just wants to upload an Image on Instagram then you shouldn’t worry. However, if on the other hand you’re using your work phone and sending sensitive information, then it’s best to avoid public wifi.

5) Backing up the right way

Backup to the cloud using a secure service. Automating this process means that you don’t rely on anyone remembering to back up to a hard drive before they go home. Physical storage such as USB Sticks are useful, but they can be lost or stolen, so never use them for anything important.

6) Trust no one

A famous experiment was once carried out at Liverpool Street Station where a survey found that “more than 70% of people would reveal their computer password in exchange for a bar of chocolate.” – Don’t be one of these people!

Never give out passwords to anyone, even if it’s your bank on the phone. Phishing is a really big problem, and the people behind them will try anything to gain access to your accounts. So just never give any passwords or security codes out via email or phone.

7) Report it to the police

If you’re hacked, report it! We know it’s unlikely the Police are going to be able to help, but Raj Samani from McAfee made a really good point – because hardly anyone reports cybercrime, police and governments don’t have any data on just how big the problem is.

Hackers are always looking for easy prey, and if we follow the basics, we make it hard enough that hackers will just move on to someone else… Maybe someone using ‘password1’

Hackers are always looking for easy prey, and if we follow the basics, we make it hard enough that hackers will just move on to someone else… Maybe someone using ‘password1’