No Rest For The Wicked
In 2019 we wrote an article, Digital Hygiene for Boards, that is still worth reading. The piece emphasized the importance of digital safety and basic good practices to protect your board, your company and yourself.
The world has not gotten safer since. Cyber-attacks continue; one of the worst being the attack on SolarWinds, a major US information technology firm. This was a sophisticated attack discovered in late 2020 that continued through 2021. The malware spread through a SolarWinds Orion platform update and put at risk some 18,000 organizations, including government agencies and Fortune 500 companies.
It is impossible to make yourself 100 percent safe. However, any improvement in digital hygiene will make it more expensive and time-consuming and thus more difficult for bad actors to access your data and take control of your systems. Since hackers tend to go after low-hanging fruit, any reasonable step you can take to harden your personal and corporate defenses is an investment likely worth making.
Given technology changes these last few years, we thought it might be interesting to ask trending internet celebrity ChatGPT for some advice that boards of directors can take to protect themselves and their companies from malicious attacks in 2023.
AI’s Digital Hygiene 101 – by ChatGPT
In today’s increasingly interconnected world, boards of directors are more vulnerable than ever to cyber threats. Board members regularly handle sensitive information and make critical decisions that may attract unwanted attention. With cyber-attacks becoming increasingly sophisticated, it’s essential to prioritize digital hygiene and adopt best practices for protecting board communications and data. Here are some tips to help boards of directors enhance their digital safety in 2023.
- Leverage encrypted communication tools
Secure communication is a must for boards of directors, as sensitive discussions and confidential documents are often exchanged. Consider using end-to-end encrypted email services like ProtonMail or Tutanota and high-security messaging apps like Signal or Wickr. By employing encrypted tools, you can ensure that your communications remain private and accessible only to intended recipients.
- Implement multi-factor authentication (MFA)
Password breaches are a common cybersecurity threat. Implementing multi-factor authentication (MFA) adds an extra layer of security by requiring users to provide additional verification beyond a password. Encourage board members to use MFA for all essential accounts and services, including email, cloud storage, and secure messaging apps.
- Keep software and devices updated
Software updates often include essential security patches and improvements. Ensure that all board members’ devices, including laptops, smartphones, and tablets, are updated regularly. Enable automatic updates for operating systems and applications to reduce the risk of security vulnerabilities.
- Educate board members on cybersecurity best practices
Ongoing education and training are crucial for maintaining good digital hygiene. Regularly brief board members on the latest cyber threats, safe browsing habits, and best practices for securing their devices and accounts. Encourage them to remain vigilant and adopt a cautious approach when dealing with unfamiliar emails, messages, and websites.
- Adopt a secure board portal solution
A board portal is a secure platform that streamlines board communication, collaboration, and document management. Opt for a board portal that offers robust security features such as end-to-end encryption, and granular access controls. This ensures that sensitive board information remains confidential and accessible only to authorized users.
- Conduct regular security audits
Perform periodic security audits to identify potential vulnerabilities and assess the effectiveness of your digital hygiene practices. This may involve examining your organization’s network security, assessing user access controls, and reviewing the security measures in place for protecting board data. Regular audits can help identify potential weak points and inform necessary improvements.
- Develop a clear incident response plan
Despite implementing strong digital hygiene practices, it’s essential to be prepared for the possibility of a cyber-attack. Develop a clear incident response plan that outlines the steps to be taken in the event of a security breach. Ensure that all board members are familiar with the plan and understand their roles and responsibilities in the event of a cyber incident.
In Conclusion
We are struck by how similar ChatGPT’s advice in 2023 is to ours from 2019 though we think that our advice went a bit further into important details.
In any event, the SolarWinds breach serves as a reminder of the potential consequences of a large-scale cybersecurity incident and highlights the need for organizations and their boards to prioritize digital hygiene and adopt best practices for safeguarding sensitive information.
ChatGPT also sees the importance of adopting a secure board portal and we believe that our Boardlogic solution is worth considering. We focus on making software that is simple to use, affordable and, most importantly, secure.
Learn more here or schedule a demo in just a few clicks.