It came to light yesterday that eight of Donald Trump’s top Cyber-Security advisers will be resigning from their positions in US government.
Trump had pledged earlier this year to spend $1.5billion dollars on the US cyber-security industry. Clearly this alone was not enough to satisfy the qualms of the National Infrastructure Advisory Council.
The UK government has taken a similar stance on cyber-security, with Philip Hammond pledging to spend £1.9billion on the industry over five years (from November 2016). This works out to roughly £380million each year. You can find a copy of the UK governments cyber-security strategy here.
Whilst increasing the budget will be a big help to many organisations, unfortunately hacking isn’t a problem you can solve with money alone. Many breaches are caused by human error and not by lack of technical resources.
Moving toward a focus on employee education is key in helping to prevent future attacks. We are told regularly that we should have a complicated password with a mix of upper-case letters, lower-case letters and numbers. How many of us actually do it though?
A study carried out by mobile identity company TeleSign, has uncovered some scary statistics surrounding passwords. Their findings showed that 47% of people use passwords that are at least 5 years old. Even more shocking, 21% of people surveyed used passwords that were over 10 years old. For reference, these people were creating the passwords they use today when Gordon Brown was elected as Prime Minister.
The importance of using a complex password cannot be understated. It only takes a few seconds to create a complicated password and it could potentially save your business tens of thousands of pounds. The five most popular passwords used in 2014 were:
I don’t think I need to tell you that using one of the above-mentioned passwords isn't a smart move. Businesses need to be taking the time to empower and train employees, giving them the ability to recognise threats and protect against them. An article by Tripwire outlines five innocent mistakes people make that can lead to an IT breach.
- Device theft or loss
- Document errors (forwarding sensitive data to incorrect recipients, publishing private data to public web servers, carelessly disposing of confidential work data)
- Weak and stolen credentials (passwords etc)
- Internet spyware (clicking pop-ups, unknowingly installing malicious applications, visiting malicious websites with things like illegal downloads)
- Vulnerable systems and applications (Using outdated software and web browsers)
All of these mistakes can be prevented relatively easily with some basic training. If people are shown the dangers of being careless, they can start to improve their online habits and keep businesses protected.
Eight of Donald Trump's cyber-security advisers have resigned, warning the President had "given insufficient attention to the growing threats" facing the US. A quarter of the National Infrastructure Advisory Council's 28 members quit with a joint letter in which they claimed Mr Trump "threatened the security of the homeland".