> Understand the security risks involved with your supply chain
Build a picture of who your suppliers are and what their security looks like. Do you know what needs to be protected and why?
> Raise awareness of security with your supply chain
Communicate your needs to your suppliers, build it into your contracting processes, and meet your own security responsibilities both as a consumer and supplier. For example, the government backed Cyber Essentials scheme can be an indicator that companies have a commitment to cyber security, and have taken steps to guard themselves against the most common cyber threats. Details about the scheme can be found at https://www.cyberessentials.ncsc.gov.uk/
> Seek continuous improvement of security within your supply chain, and build trust with your suppliers
> Educate and train staff to defend against Phishing attacks
For advice on how to spot and defend against phishing, see the NCSC's guide on this at https://www.ncsc.gov.uk/phishing
The Take Five campaign is a national campaign encouraging people to stop and think about whether a situation is genuine. Visit the website at
https://takefive-stopfraud.org.uk/advice/
> Device security
As a minimum, organisations need to ensure that devices are always fully patched and have anti-malware/anti-virus software in place. This should apply to ALL of your devices, including phones/tablets/printers/routers/internet enabled cameras/IoT devices etc.
> Reporting
If you've been affected by this or any other type of cyber crime, report the details to Action Fraud (0300 123 2040 / www.actionfraud.police.uk). Always keep an eye out for any suspicious follow up activity as well.
|