Data Protection Authority gives Guernsey firms a cyber security checklist

21 May 2022

News image — The company said safeguards needed to be in place to ensure data confidentiality

Getty Images Email button on computer keyboard — The company said safeguards needed to be in place to ensure data confidentiality

Businesses and organisations on Guernsey have been urged to follow a cyber security checklist to reduce the risk of "becoming a target".

The Office of the Data Protection Authority found more than 20 personal data breaches were made through email between March and April 2022.

The authority warned of a current "heightened risk" of cyber-attacks.

Advice ranged from keeping staff aware of the risks and making sure antivirus software was installed.

The authority's commissioner Emma Martins said: "Understanding and responding effectively to personal data breaches is a fundamental part of data governance for all organisations but the current heightened risks, especially around cyber-attacks, means that we must be extra vigilant."

The authority said companies should take the following steps to keep data safe:

Keep all software up to date and install antivirus software
Make sure important data can be recovered
Ensure staff can identify and report security issues and phishing emails, with updated and regular training
Strong passwords and multi-factor authentication

In 2021, the regulator reported 36 data breaches between July and August involving island businesses and organisations.

Follow BBC Guernsey on Twitter and Facebook. Send your story ideas to channel.islands@bbc.co.uk.