My technical career began in 1995 when I was 25 years old, working as a Computer Engineer at Reuters. We focussed on the hardware, software, and delivery infrastructure which provided real-time trading and pricing to the Channel Islands Foreign Exchange Dealers and Investment Managers.
A few years later my role evolved and I became a Technical Account Manager responsible for all technical matters in the Channel Islands.
When trading systems moved to being web-based and Internet delivered, I set up my own company providing support to many CI-based businesses, which included my former employers, Reuters. It wasn’t long before I began to transition into cybersecurity, gaining many certifications such as Certified Ethical Hacker, Certified Hacking Forensic Investigator, and various Cisco Cybersecurity exams to compliment the work I was simultaneously undertaking.
In 2013, I joined JT as a Cybersecurity Consultant and at the age of 48 I began a Masters in Cybersecurity MSc with Northumbria University and graduated 2 years later with a distinction. My dissertation, which was based on privacy and surveillance capitalism, was published as a chapter in the book “Strategy, Leadership, and AI in the Cyber Ecosystem” by Academic Press in 2021.
TOP TIPS FOR SMEs (Small & Medium sized enterprises) that don’t have a dedicated security team
1. Patch, Patch, and patch again
This refers to your operating system, your applications (Word, Excel etc.) and your network devices, such as routers and switches. It is worth getting a vulnerability scan on your network to assess exactly what needs to be patched and the level of priority for these fixes. Failure to patch software leaves yourself open to known security flaws that hackers can, and will, take advantage of.
2. Implement a strong password policy and ensure you have Multi Factor Authentication
Make sure passwords aren’t reused and cannot be guessed. Should a hacker manage to obtain your password, then they would still need your 2FA code to proceed. There are tools that can be used to check for weak passwords.
3. Perform regular Cyber Awareness Training for employees
Not only will this help members of your team to become more “cyber aware”, but it will also help them to recognise new ways in which your business could be targeted. As many as 70% of breaches are caused by human error so it is always recommended to keep your people up to date.
4. Backup your critical-business data
Make sure you have multiple backups off-site. These backups will be invaluable should your business be subjected to a ransomware attack. Backups are also useful when faced with other issues, such as a hardware failure, and will help minimise the impact to your business.
5. Create a Security Incident Response Plan
If your business was to be attacked, everyone in the team needs to know their responsibilities and have a clear and easy-to-understand process that is thoroughly planned and regularly tested. This is quite a difficult task but can be outsourced to experts who understand incident response.