Cyber Resilience tips from a Cyber Operator

Video / 22 October, 2020


Cyber threats are different from the kind of threats that most people are used to. It's easy to understand that there's tanks rolling across the border or airplanes in the sky that could drop bombs. Cyber threats steal information. They steal intellectual property and they prevent people from being able to do their general work. As computers become more and more integral to everyday life, that threat keeps going up.

Cyber operators' jobs are to stop the bad guys when they try to break into networks. Other people are responsible for making sure that patches are applied and that security orders are followed. The thing is that it's the classic defensive problem. It's the, defenders have to be right every time, the attackers only have to be right once.

Cyber resilience means not only being able to make yourself a difficult target for hackers and malicious actors trying to break into your system, but also being able to recover swiftly from the effects of their attacks and being able to fight through it and have redundancy so that, even if part of your network goes down, you're still able to perform your business.

By far, the largest and most common cyber threat is phishing. People sending links and attachments through emails that don't appear to be... that aren't actually from whom they appear to be. The next most common is malicious files that get passed around via USB sticks and compromised devices.

Strong defence, really good professional defence are the people where that's not the end of the world. Where someone manages to get through your defences, someone manages to get a hack done, and then you pick up the pieces and you recover, quickly, swiftly and effectively. If we get to the point where we're saying, "Yeah, we can defend against everything," then people just lose confidence when something bad happens. It's not about that. It's about making it so that the cost from making those bad things happen gets really high because we stay professional, because we stay trained, because we stay on top of it. And then, when they do get through, we limit the damage.

My top three pieces of advice would be, number one, know who your Information Systems Security Officer is and how to contact them in an emergency. Number two would be to make sure that you read, understand and, above all, follow the security orders that they give you. We're trained in how to detect and respond to cyber threats and the sooner that we know about it, the sooner we can take action.

It is important to understand that cyber security is a team effort. Everybody that uses a computer, everybody that sends an email, everybody that clicks on something has a role to play in making our job easier. Every time someone bypasses security controls, every time someone doesn't follow the security orders, that makes our job more and more difficult and makes the terrain that we are operating in get more and more dangerous.
