- Educate all business staff about dangers and latest attack methods, particularly ensuring they aware of targeted scam emails (spear phishing). Cyber criminals are increasingly targeting individual business staff members, typically those with finance responsibilities, by crafting highly convincing emails using information about the business, its staff and its suppliers. These scam emails once responded to, will typically try to convince (social engineer) individual staff members to arrange a bank transfer or payment to a bogus account operated by the cyber criminals
- Keep all Servers, PCs, Laptops, Tablets and Smart Phones operating systems and applications updated (security patching). Out of date software is vulnerable and commonly exploited by malware and hackers.
- Business staff should use unique passwords with each third party/online service used by the business. Ensuring passwords are complex and changed every 90 days. Where possible use mutli-factor authentication (I.e. password + hardware token or text message confirmation). Cyber criminals know many people use the same email and password combination across multiple websites, so when they obtain one credentials combination, usually via a third party website hack, the database of which are often dumped onto the darkweb, cyber criminals try the same stolen email and password combinations to attempt to access further online services, with the intent of stealing personal data and money.
A UK view on Cybersecurity & Information Security, Everything Computer Security from the very basics to the advanced. A blog with a focus on the latest Cyber Security developments & issues in the UK, including Hacking, Privacy (GDPR), Data Breaches, security standards such as NIST, PCI DSS, Cyber Essentials & ISO27001, all will be simply explained.
Wednesday, 21 December 2016
How to Protect your Business from Cyber Crime
Today I was quoted in the Focus Training's Blog. An 'Ask the Experts' piece on 'How to Protect your business from Cyber Crime', my advice was as follows.
You go along way to securing your entire office by keeping up to speed with the latest software. Especially local computers. Your every day devices. Laptops, phones, tablets etc. When your device tells you to update the software, update it. Its as simple as that. The updates are not brought out to annoy you, they are brought out to update the device and update the security. It really is as simple as that.
ReplyDelete