The start of a new year (and in this case a new decade) is a good time to reflect on what was achieved last year, and re-think habits, objectives and mindsets for achieving new goals.My husband and I have a ritual each holiday period where we review our previous year's goals and set new ones. Our goals span a range of different areas, from ‘family and relationships’, ‘health and well being’, ‘financial’, ‘house and garden’, through to ‘work and personal development’.
When we started the ‘work and personal development’ section, I began to reflect on my achievements of 2019 - making Chartered Director status with the Institute of Directors, being appointed to the board of Regenerate Christchurch, and starting a new job with Kordia as their first full time Chief Information Security Officer (CISO).
People are fundamental to good security so this year I’ve developed both personal resolutions, and some simple resolutions any CISO, IT leader or company director can adopt for your own company.
My personal cyber security resolutions are:
- To make 2020 the year of ‘password best practice’
This year I’ll be ensuring I have all my passwords and accounts locked away in my password manager, and I’ll make sure I am always using strong passwords. I recommend you use passphrases – a series of random words or a sentence. The more characters your passphrase has, the stronger it is. These are easy to type and remember, but still hard for hackers to crack.
- To have an honest discussion with my kids about cyber safety
With my children growing up as digital natives, a planned discussion about why some online activities are safer than others is really important. A useful way to have this conversation is explaining that the online world is just like the real world and to draw parallels between the two - for example, not talking to strangers at the playground is just as important as not talking to strangers in online. This way children get the consistency of rules across online and offline activities, which will help them understand the dangers of both. I found this site helpful for more family safety tips.
- Share, share, share – and help bring cyber security conversations into the light
I’ve been posting for some time on social media with useful advice, articles, and information to enhance the provision of ICT, digital transformation and security capability across the board. This year I want to dedicate more time to sharing information with my network around security culture. Security is everyone’s responsibility, so the more people we can engage in the conversation the better off our communities will be.
If you’re just starting out on your security journey, and looking to implement some good cyber security resolutions in your company, here’s three easy initiatives you can start with;
- Raise the profile of cyber security to the same level of ‘Health and Safety’ in terms of importance.
Both are imperative to our businesses. Without both operating well, our businesses may not be around tomorrow. Health and Safety has a lot of cross over with security and by taking the same approach used to embed Health and Safety into your company culture, you can help meet the increasing complexity of cyber risk.
- Appoint security champions to take your security to the next level.
Security is a team sport, and many talented Kordia people input into our security performance. At Kordia, we have a group of champions who are our security guardians. This is great for reducing the burden on a single person, and has helped build advocacy and expertise across all areas of our business on cyber security.
- Build a cyber security dialogue with your partners and community
By sharing information, thought leadership and resources with your customers and partners you can increase the cyber security capability off everyone, and keep security culture top of mind. I’ve been active in starting conversations online about the connections between digital risk and running a business, and it’s been a great learning tool for me to openly discuss shared issues with other leaders. If you’re an IT professional, you might like to join my group New Zealand Digital Leaders Network, to share ideas on Linked In.
Writing down your new year's resolutions helps to build a sense of direction for the year to come. Cyber-attacks are growing more sophisticated year on year, and you only have to look at incidents like the recent Travelex ransomware attack to see that cyber crime is more lucrative than ever for criminals.
So let's make 2020 the ‘Year of Cyber Security’ in a positive way, by laying down some useful resolutions for ourselves and our businesses.