In this exclusive Q&A, Detective Inspector Michael Preston, Head of Cyber and Innovation at The Cyber Resilience Centre for Wales, discusses what the organisation can offer to businesses to respond to incidents efficiently and migrate any potential damage a cyber attack may create.
Defend against the latest online crime threats through our business memberships. The CRC for Wales partnership with local Police Forces, Universities, Advisory Group, Cyber Expert Group and wider business network means our memberships offer the very best guidance and support for businesses of any size.
Could we start by establishing what the Cyber Resilience Centre is?
The Cyber Resilience Centre for Wales is a not-for-profit company, with the aim of increasing cyber resilience across Wales. The centre particularly focuses on SMEs and micro businesses but is available to all organisations. It is part of a network of centres across the UK and is a partnership between police, the private sector and academia.
What sort of benefits can the organisation offer to members?
The centre is here to provide support and guidance to organisations, it offers a free core membership, and offers discounted cyber security services. We do this by recruiting the best students from Welsh Universities who work with us to deliver these services. When an organisation registers for membership they will receive a welcome pack which includes the latest National Cyber Security Centre guidance, an Exercise to test your cyber resilience, The little book of cyber scams and a monthly newsletter with information on cyber-crime trends and up to date guidance to protect your organisation. You will also be offered a meeting with the centre’s Head of Cyber and Innovation to discuss any concerns you may have or learn more about the services provided by the centre.
What is the best method for delivering security awareness training?
We believe that cyber security is everybody’s responsibility, and as such all persons in an organisation, no matter what their role is, need to be aware of the risks, attack methods, and how to recognise them. We would encourage regular briefings to help staff recognise things such as phishing emails, and this will in turn help organisations reduce their vulnerability to a cyber-attack. We believe that it is a key part of training to encourage behavioural change and to encourage the development of a cyber security culture.
The topic of cyber security can seem complex and daunting, but just making a few basic changes can increase cyber resilience and significantly reduce the chances of an organisation suffering a cyber-attack. The centre will use simple terminology and avoid the use of complicated jargon that can put people off talking about cyber security.
In terms of preventing cybercrime, what methods can the organisation relay?
- Protect your Data by backing up. If you use a hard drive or the cloud the key message is to ensure that it is not connected to your network.
- Use strong passwords – a password manager is one option or use three random words.
- Consider multi factor authentication (MFA) – this means being notified whenever a log in to your account takes place. Many breaches would have been prevented if MFA had been in place.
- Ensure you have up-to-date anti-virus.
- Ensure you update your software – consider having automatic patch updates.
- Look after your devices – ensure they have strong passwords and consider remote wiping and encourage staff to report any losses as soon as they occur.
- Engage in regular security awareness training – we can help with this by providing the latest cyber-crime trends and guidance to reduce your vulnerability.
Outside of Wales, how can the Cyber Resilience Centre benefit the security sector nationally?
The Cyber Resilience Centre for Wales provides guidance and support to organisations within Wales. But we are a part of a network across England and Wales so wherever you are there is a centre that can provide guidance and support to you. Being part of this network, the Cyber Resilience Centre for Wales can discuss national trends and work together to identify the best way of helping organisations and delivering support in the most appropriate way.