Secure our world — Together is a Microsoft document from their cybersecurity awareness initiative. It seeks to provide easy to follow cybersecurity hygiene guidelines. And it is really good. There is a breakdown between six main areas of cybersecurity. These are:

  • AI safety How AI is used by criminals.
  • Cybersecurity 101 Basic cybersecurity hygiene guidelines.
  • Devices How to secure your many devices and networks.
  • Fraud What are the common fraud you will encounter.
  • Phishing What is it, and how to avoid it.
  • Passwords How to protect them.

Season professionals will not find anything they do not already know therein. However, the information is well presented and contains many links to find out more about the topic on hand. It is a very handy tool for security professional to show C-suite / Board members during those hard budgeting conversations. After all, who wants to be less secure than Microsoft?

However, there is one thing missing. If everyone is responsible for security (shift left), then there needs to be culture shift from blame to openness. When (not if, when) one of your employees falls for a phishing email, it is essential that they know that admitting it will not reflect badly on them. The opposite must be true: the sooner they report it, the better. After all, there is nothing worst than finding that you were compromised six months ago and did not know it.

Furthermore, like any general advice, it is not necessarily correct for your specific use case. How does this help you mitigate all the risks in your register? How does it help you focus on what is important for you right now? How does this help you prevent your own mistakes?

These are hard things to get right. If you need guidance on this, or even a more secure framework tailored to your risks, please do get in touch via out contact form.