I moved to Jersey in 2012, when I was 21 with no real idea of what I wanted to do as a career.
My first full time job on the Island was working for a horticulture business, starting off as an office assistant and working my way up to managing client orders and eventually working directly with buyers planning their next season’s campaigns.
Over time we moved our focus into growing vegetables to sell to markets and a number of big supermarkets. This transformation required us to work towards food safety standards, such as red tractor and M&S field to fork, among others. I’ve always had an analytical mind and thrive in fast paced and high-pressured situations, so I got stuck in and soon found that I had a natural affinity for risk and compliance based activities.
My career with JT began in 2016, in the Contact Center. This “foot in the door” is what propelled me into the world of security. I was given a new hybrid role of Revenue Assurance, Fraud and Security Analyst, which allowed me to see opportunities from the eyes of a potential attacker within my security role and from the eyes of the customer in my fraud role. Within 6 months I’d passed my ISO27001 Lead Auditor exam and was fully immersed in the world of security.
Eventually I took on a full-time security role, guiding business units in implementing and managing ISO27001 certification. I was truly in my element, so when a role in the CI Professional Services Team opened up as a Cybersecurity Consultant, I jumped at the chance to join this dynamic team, looking to secure the Channel Islands and beyond.
1. Keep your passwords secure
Using the same password for everything may seem tempting but in reality, you’re putting your data at risk, even if you change 1 or two letters of a password between accounts. If one of your accounts becomes compromised, then there’s a high chance that your other accounts will be too, and you may not even notice.
2. Consider using a password manager
Most are free and come with built in tools to generate and store secure passwords directly within an app on your mobile or browser. Be sure to choose a suitable master password, the NCSC provides tips on how to create a strong password.
3. Know the risks of losing your device
You might not realise just how much data your device is holding and your pin alone may not be enough to keep it secure, especially if you use one of the most common PINs. Most modern phones and laptops come equipped with a “find my device” service, allowing you to easily locate, track and wipe your device if it becomes lost or stolen, just be sure to enable it and keep your details up to date.
For lost mobiles you should also make sure to contact your SIM card provider immediately to suspend your service until you can get a replacement, especially if you use your mobile number with your accounts, such as for two-factor authentication. This will also protect you from potential fraudulent charges.
4. Don’t click on suspicious links
Whether it’s via email or SMS cyber criminals still actively exploit this common and effective method of stealing data. A great mentor of mine taught me to always think, is the message UNUSUAL:
Unsolicited – are you expecting this email? If someone is following up a discussion you haven’t had, delete the email.
Needs your login credentials – if the email is from a known contact and is asking you to login to a web page, phone the contact on a confirmed number to check whether it’s genuine, otherwise delete it.
Unaddressed – was the email addressed to you or have you been Bcc’d. If the email context is one to one and you’re not personally addressed, there’s something wrong.
Salutation is missing/impersonal – if this is a known contact, would you expect the type of greeting in the email? If it seems too formal or informal, delete it.
Urgent need to respond – if it says that there’s urgency to respond to the email and you don’t know why, follow up by telephone to a known contact or just delete it.
Attachments included – word documents and PDFs can contain malicious code so if you weren’t expecting the email, don’t open any attachments.
Links included – these can take you to fake login pages which steal your credentials, or to malicious websites that can download malware to your PC, so don’t click on links unless you are absolutely certain they’re genuine.
5. Check on your vulnerable relatives and friends
The elderly, vulnerable and lonely are among the most successfully exploited members of our society. With limited access to useful resources designed to protect and educate, they may not be equipped with the tools and expertise to spot a scam or attack. Regularly check in with those you consider at risk to ensure that they are staying safe online.