Much of translators' and interpreters' work involves confidential matter and personal data, and may include "special category" data such as medical information. We need to make sure that we are looking after this data responsibly. Which of us can be absolutely certain that we will never inadvertently mistake a phishing email for a genuine one, have a computer breakdown or suffer collateral damage in a cyber attack aimed at a more prominent business?
"More than half (55%) of UK firms reported an attempted cyber-attack in 2019, a 15% rise from 2018. Small businesses are becoming increasingly at risk, too – the report highlights a 14% increase from the previous year in firms reporting cyber-attack incidents." (Hiscox)
Infosecurity Europe 2019 London, 2 June to 4 June
In his talk at Infosecurity Europe 2019 Ciaran Martin, then head of UK's National Cyber Security Centre (NCSC, emphasised the importance of taking the obvious straightforward steps to become more information-secure. "..what we have learned from analysing 1,600 national level incidents is that these attackers are often relatively simple, using low-level techniques and well-known malware that exploits weaknesses in out of date software. Typically, these attacks are not particularly advanced, persistent or threatening, so what we have learned is that the biggest threat to cyber security is weak cyber security and that is what needs the most attention.” (Quoted from Computerweekly.com)
The NCSC advises simple and inexpensive steps we can all take to become more cyber-secure:
back up your data - to a separate external hard drive, a cloud service, or both
protect against malware - firewall, antivirus software, separate admin profile - install software updates regularly - remove unused/outdated programs
use password-protection where available (unique password or pass phrase - consider a password manager)
use disk encryption
change default passwords on devices (e.g. router, camera)
allow each user the minimum level of privilege they need to do their job
secure and encrypt mobile devices and turn on track/wipe
train yourself and colleagues to spot phishing emails - see Vinciworks' resource, which can be demo'd for free
read the terms & conditions of any suppliers/service providers to check for data security and confidentiality
don't worry about nation state actors, leave that to government agencies
