What should I do if I think I’m being hacked? What should I do if I no longer trust my IT department?
And what should I do if I receive too much spam in my company email inbox?
MCG answers some of the questions you might have about cyber security at your organisation.
There are two options. The first is to replace them altogether. An in-house IT specialist is someone you must be able to fully trust. The second solution is more suited to those times when a company director is afraid that the IT specialist might fall ill or become unavailable for a long period of time, which would prove disastrous if they had everything in their head but not much documented.
Don't panic! A diagnosis is required before drawing hasty and risky conclusions. Ask MCG for a quick analysis to diagnose whether or not you really are a victim of hacking.
Turn off all computer systems without exception and if in doubt, disconnect all computers and servers from the network. Call MCG through your support contracts or use our emergency red button.
There are several possible reasons for this problem. The simplest and most likely is that your email protection system is ineffective or poorly calibrated/configured. The second is that you – or your organisation – are being targeted by a criminal network (or state). Sometimes, targeting is individual but other times, it’s regional (and therefore grouped). Ask us for an analysis in order to see things more clearly and avoid these dangerous attacks as much as possible.
The best thing to do is to hold a joint awareness session for leaders. This half-day session will bring everyone up to speed and will pave the way for considering the various ways to integrate cyber security into an organisation in a way that makes a difference.
Staff training – also called "security awareness" – is the ultimate, indispensable link required to increase the level of cyber-security maturity within an organisation. Contact MCG to set up a differentiated awareness programme, which includes questionnaire-based evaluations and “real phishing" tests to see how effective the training sessions have been in terms of awareness and applying knowledge.
Cyber insurance is a risk-based insurance like any other – in this case, serving to protect against cyber risk. Cyber insurance is based on a premium and a rapid risk assessment that will be conducted by the insurance company (e.g. self-assessment). There will always be an intervention limit. Insurance does not replace preventive measures, which in this case are cyber-security management measures, including proven governance. In any case, ask us for our opinion. We helped many major insurance companies to build their cyber policy at the advent of the GDPR in 2018.