Who is the biggest risk to your company’s Cyber Security?

When an employee doesn’t care about cyber security

It doesn’t matter how thorough a business’ protective measures are, employees remain one of the biggest risks to an organisation’s digital security.

In some cases, it is not that employees don’t care about digital security, but that they don’t fully understand it.

An experiment in London’s financial district proved just how much of a risk employees can be to their organisations. CDs were handed out to commuters by employees of an IT skills company and told the disk contained a special Valentines’ Day promotion. In reality, the CDs contained code which notified the IT company how many of the recipients tried to open the CD. Despite clear warnings on the packaging about the dangers of installing third-party software and acting in breach of company acceptable-use policies, several city workers proceeded to run the disk. A major retail bank and two global insurers were among the organisations whose employees fell for the stunt. Read more

Do you know if your emails are secure?

Of all the millions of emails sent each day, how many senders even think about whether their messages are secure? Traditional email has the confidentiality level of a postcard – anyone involved in its transport can easily read it. Lack of care becomes even more of a problem when the sender is attaching confidential or sensitive data. Is it being sent to the correct person? Should the attachment be allowed? Even if it is all right to send, how do you know it was received, when it was read and has it been forwarded? Current system notification is not good enough.

With the General Data Protection Regulation (GDPR) fines looming, now is the time to gain control of emails. Read more

When Familiarity Breeds Complacency – How to Identify Authentic Emails

For many, a daily routine exists from the moment they sit at a desktop or take their first swipe of a tablet. It involves identifying important emails in your inbox and disregarding the spam. In most instances, this is a tedious yet simple task. We click on emails from contacts we know, or from an organisation we trust, and delete those we have no interest in. We look for the familiar and discard the unknown. It is a routine that drains time but a system that in the past has kept us reasonably safe from hackers. Repetitive yet necessary. Read more

Cybersecurity: What are Insurers Looking For?

Nicola Laver investigates how low firms can satisfy their insurers that their cybersecurity and anti-commercial crime strategies are robust.

Given that research has shown that cyberattacks on UK  law firms increased by nearly 20% between 2014-2015 and 2015-2016, robust cybersecurity strategies are vital issues; furthermore, 73% of the top 100 law firms in the UK were targets of  attacks last year. Read more

The Imitation Game: Keeping Safe From Phishing Emails and Websites

A poorly written, plain text email requesting sensitive information arrives in your inbox from a sender you have not interacted with before. Without much thought you delete the email, writing it off as bogus.

Further down you come across an email with the subject: Update Your Account Information. In the sender column is your bank’s name. The HTML email is well formatted, using the colours, layout, font, and logo of your bank. The email states that as a security measure, you will no longer be able to access online banking unless you update your account information. Beneath this message is a hyperlinked sentence which reads, ‘Sign in to update your account information’. The email is signed from your bank’s customer service team. Read more

What Do You Need to Know Before Buying Cyber Insurance?

What do JP Morgan, Sony, eBay, Yahoo, Three, and Talk Talk have in common?

In the past two years, these companies have all been victims of cybercrimes and have experienced widespread media attention as a result.

An increase in cybercrimes, followed by an increase in media reporting of breached businesses, and moves towards tougher regulatory penalties, has created an emerging market for cyber insurance. Read more