Whatsapp Messenger is a highly trusted product used by
something like 1.5billion consumers Worldwide. Its end to end encryption
protocol provides users with a high level of assurance about the privacy of
their calls and messages. But even a robust product like this can fall victim
to software hacks. It’s a shame because we would all like to think these
trusted products are somehow beyond the reach of anyone who might try to snoop
It seems that the best we can hope for is that once a hack
or a vulnerability has been identified, its users are notified promptly and
advised on actions they can take.
In this case it seems that Whatsapp went public pretty
quickly and offered a solution. The Whatsapp ‘hack’ does, though, offer us a
timely reminder that taking basic cyber security measures should be part of our
normal routine. In this case it might just be a matter of reaching for the
‘Update App’ function and downloading the fix promptly. But looking more widely
across the range of devices and software we all use in our private lives and at
work, the only sensible approach is to set up the devices you use so that they
automatically and regularly download the updates provided for your operating
systems (whether you are using Microsoft/ iOS or Android) for example. The
security updates are provided specifically to reduce vulnerability so why would
we not take advantage of them?
In the work context, if we aren’t taking basic cyber security measures then we are not just making ourselves more vulnerable; we are also potentially exposing our customers to additional threats. Increasingly, those customers are expecting suppliers to demonstrate that they do indeed take cyber seriously. They can do this by achieving a recognised cyber security standard such as the Government’s Cyber Essentials or the standard designed specifically for SME’s, the IASME Governance Standard. They offer an affordable way to demonstrate that you have basic security measures in place. Once you have the certificate you can use it repeatedly in tendering processes as a shorthand way of demonstrating your security posture.