Be a sport: Cyber security must-haves to put in place now

The sporting spectacle of the Birmingham Commonwealth Games in July and August 2022 promises the biggest business and tourism programme to date. Birmingham and its surrounding areas will be in the spotlight for a global audience to see and what an amazing platform this will be to showcase the West Midlands’ diversity and culturally rich offerings.

The stats are incredibly enticing:

  • A staggering £526m economic boost is expected in the county over the course of the 11-day event

  • More than 4,500 jobs created a year until 2022, with 950 thereafter

Local businesses are being encouraged to bid for contracts and supply chain opportunities and with these projected benefits and significant post-event investment being funnelled into regeneration projects, it’s set to be the driving force for the West Midlands’ economic rebuild following the pandemic.

It’s a game-changing scenario for the region, but unfortunately, in the (digital) world we live in, this is music to the ears of cyber criminals. They will no doubt be using it as a springboard to prey on the thousands of businesses and 500,000 -1million expected visitors coming to enjoy this spectacular event.

Without a solid infrastructure to carry the weight of demand on service operations and the influx of people, there will be fraud and phishing scams aplenty. There’s going to be a mindboggling amount of transactions and confidential material passing over networks – flight, hotel and transport bookings and restaurant reservations.

Suppliers will have vast amounts of orders and deliveries to get from A to B and not to mention all the card payments at shops, supermarkets, bars, hairdressers…

All internal and external communication links for every business will be under pressure in some way shape or form. Personal information and huge sums of money are at stake and to keep these things where they rightfully belong requires resilience.

To get into the mindset of a cyber attacker; they are seeking out the smallest of gateways into your business, and data (ie. email or personal addresses and phone numbers) is their currency. Many forms of digital activity such as social media shares, online reservations, booking confirmations, reviews and user account sign-ins leave a footprint which intercepted if the door is left open.

No matter the size, type or sector of your business and supply chain, an important question to think about is could you do more to keep your livelihood, and that of your colleagues, protected? The answer is, yes.

Taking your eye off the ball is exactly what scammers are looking for, as it creates an opportune moment to strike with an attack. Futureproofing all aspects of your operations and being cyber aware requires having the right, supportive training shoes on before sprinting out of the blocks.

Here are six things you can do now to reduce the risk and beat the opponent.

  1. Educate yourself and others of the risks present

  2. Remain mindful of the ways scammers and cyber thieves may try to compromise or breach data

  3. Ensure software is patched (meaning the newest version is installed) and up to date and replace old hardware that may be a security liability

  4. Follow protocol to ensure policies are always adhered to and be aware of the risks of sharing confidential information even during regular conversations

  5. Review bring your own devices (BYOD) policies to make sure they are in line with security protocol and that staff are aware and adequately trained to minimise the risk associated with such policies

  6. Data encryption can be crucial in minimising the risk to your business, make sure those passwords are strong

The Cyber Resilience Centre for the West Midlands’s student services team also runs a Remote Vulnerability Assessment service, which provides businesses with clear-cut information on compromised areas of its online activity. If your organisation is connected to the internet, this service will remotely review that connection in the same way as an attacker would perform reconnaissance, looking for potential weaknesses.

The service uses the same toolsets and skill sets as hackers use to map your organisation’s internet connections. This service also benefits from regional police and National Cyber Security Centre intelligence to capture the very latest known threats and techniques used by cyber criminals.

Remote vulnerability assessments are not penetration tests, where the goal is complete systems compromise or to take full control of your systems. Service reporting will provide a plain language interpretation of the results and how any vulnerabilities might be used by an attacker, as well as simple instructions on how any vulnerabilities might be fixed.

Here are more details and an option to request a quote for a Remote Vulnerability Assessment.

From here, it’s game on for protecting your business further.



The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.