Logo brandaris diap
Logo brandaris diap
<4 April 2025>
CyberSecurity, just simple: 5 actions that really work

Many companies have a mistaken perception of cybersecurity: it’s thought to be expensive, the subject matter complex, all while assuming they are not interesting targets for malicious actors. This is a classic fallacy — in reality, there’s a lot to gain. Because of this mindset, among other factors, basic security is often still not in place.

Image

Many companies have a mistaken perception of cybersecurity: it’s thought to be expensive, the subject matter complex, all while assuming they are not interesting targets for malicious actors. This is a classic fallacy — in reality, there’s a lot to gain. Because of this mindset, among other factors, basic security is often still not in place.

The simplest information can be captured and resold, with serious consequences for your organisation. And cybercriminals don’t even need to target your organisation specifically — they don’t make that distinction. Whether you’re an SME with 10 employees or a multinational: if you have a vulnerability, it will be exploited. That’s why we recommend the five fundamental actions below, as described in The Digital Compass. If you have these in place, you’re already 80% more secure than most companies.

</ACTION 1: HANDLING LOGIN DETAILS AND YOUR ONLINE IDENTITY SECURELY>

  • Require two-factor authentication (2FA) on all important accounts.

  • Use a password manager to automatically generate and store unique, strong passwords.

  • Adopt a cautious, distrustful attitude.

</ACTION 2: BACKUPS>

  • Set up automatic backups;
  • Keep offline backups;
  • Regularly test whether your backups are actually working;
  • Encrypt your backups.

</ACTION 3: UPDATES AND PATCHES: CLOSE THE BACK DOOR>

  • Enable automatic updates for all software and devices.

  • Do not use ‘end-of-life’ software.

  • Keep an up-to-date inventory of all software and devices used within your organisation.

</ACTION 4: ADEQUATE EMAIL SECURITY: PROTECT INCOMING AND OUTGOING COMMUNICATIONS>

  • Set up SPF, DKIM, and DMARC.

  • Automatically scan incoming emails for suspicious attachments and links.

  • Train employees to recognise suspicious emails.

</ACTION 5 : BEHAVIOURAL CHANGE: CYBERSECURITY AS A DAILY HABIT>

  • Ensure that digital security is part of the corporate culture.

  • Engage employees actively.

  • Foster a ‘blame-free’ reporting culture.

  • Keep repeating and practising continuously — strength lies in repetition.

A more extensive version explaining the above points, along with many other useful tips, tricks, and advice to make your organisation more cyber resilient, can be found in this first edition of The Digital Compass.