3 key things we were asked at memcom 2019
We were honoured to be invited to speak at memcom 2019 on the topic of better cyber security for membership organisations.
In the Q&A session that followed our presentation there were three main questions around how membership organisations can improve their cyber security.
We’ve listed the questions, along with our answers, below.
If you would like a copy of the presentation we gave you can download a PDF here (don’t worry, there’s not a sneaky pop-up that will force you to enter any personal details, we want you to be more secure not spammed!).
The 3 main questions were:
The short answer is:
“Internalise that one day it’s very likely that an attack will be successful and make sure you have a plan in place to recover as quickly as possible when that day comes.”
The longer answer is:
“Appreciate that better cyber security starts with doing even a little but more than you are doing now. A great way to start to improve is:
1. Make the time to discuss and understand all the risks that you currently face (this will be different for every organisation).
2. Document all the risks you come up with and what would happen if each of them happens (this doesn’t have to be a huge exercise, particularly if you have never done it before) and rank them in order of severity for your operations.
3. Create a plan to address each item on your list, both to try and stop it happening and what you’ll do if it does happen, starting with the most severe and work your way down (when you get to the end, revisit all your assumptions as things may have changed)”
Sadly you are, as the membership data that you hold is potentially valuable to attackers, particularly as it’s likely to carry a lot more very specific, personal information in one place than most other companies or organisations.
There’s an additional risk that you face where an attacker could try to compromise you in order to target your members; if a phishing email or an instruction to pay membership dues to a different bank account comes directly from a person’s professional or trade body they are much more likely to fall for it.
You can support your members in quite a number of ways, some quick and simple ones include:
1. Make sure that you have your own house ‘in order’ so that you don’t present a risk to your members.
2. Use the insight you gain in taking care of your own cyber security to start to educate your members on their cyber security. A great way to do this is by creating and sharing a case study of your experience.
3. Invite cyber security experts to speak at member events and create webinars for you to share.
4. Create a library of cyber security resources, CPD materials and a register of trusted cyber security suppliers that your members can use and trust as it has come from you.
If you’d like to learn more about cyber security no matter what level you feel you are at (or even if you aren’t sure where to begin) feel free to contact us for a friendly chat.
Whether you have a specific requirement, a question you'd like answered or would just like an informal chat, contact us.Contact us today