Your employees are your biggest cyber security threat

Anti-virus software, firewalls, data encryption – these are go-to security solutions for most organisations. The problem with that? They are each designed to stop cyber criminals accessing your systems but are of little help when it comes to your biggest security weakness – human error. Studies repeatedly show that organisations are more likely to be breached from an employee misplacing, …

Data Protection and the risks associated with the Cloud

This book is intended to be an introduction to the risks involved in Cloud sourcing, to enable managers to ask the right questions. Suggestions are offered for the kind of risks an organisation’s use of the Cloud might generate, and the remedial measures that might be taken. These are given as examples only and are not intended to be a substitute for qualified legal or technical advice. Other …

What’s the difference between a data breach and a cyber security incident?

The information security industry is full of jargon, but luckily most terms only crop up when you’re dealing with specific, technical topics. However, there’s one common but surprisingly complex phrase that often appears without further explanation: ‘cyber security incident’. You might assume it’s simply a euphemism for organisations that don’t want to say ‘we’ve suffered a data breach’. That’s …

Get involved in #CyberSecMonth 2019

This week marks the beginning of ECSM (European Cyber Security Month) 2019, an initiative run by ENISA (the European Union Agency for Cybersecurity), the European Commission DG CONNECT and partners to promote the importance of cyber security and highlight the steps that can be taken to mitigate cyber security risks. This year’s themes The theme in the first two weeks is cyber hygiene, and …

3 advantages of BYOD policies

Technological innovation has revolutionised business. Things like Cloud computing and the rise of remote working have made our jobs more flexible than ever, but it’s not only home workers who reap the benefits, as the rise of BYOD (bring your own device) policies has shown. If you’re not familiar with the term, it refers to organisations allowing or requesting employees to use their personal …

Kaspersky records 130 million phishing attacks in Q2 2019

Kaspersky Lab’s latest report on phishing found that attacks have jumped 16% in the second quarter of 2019, compared to the same quarter in 2018. Cyber criminals are continuing to take advantage of the trust between individuals and companies by using fake registration, subscription and feedback forms to get victims to reveal their personal details. Looking at the stats Kaspersky …

A compliance checklist for the 12 requirements of the PCI DSS

Any organisation that stores, processes or transmits payment card data must comply with the PCI DSS (Payment Card Industry Data Security Standard). The Standard contains 12 requirements, which we’ll run through in this blog along with an overview of the steps you should complete to meet each one. 1. Install and maintain a firewall configuration to protect cardholder data Firewalls control …

Latest phishing attack targets Amazon Seller accounts

Criminal hackers are pushing the boat out with the latest phishing scam targeting unsuspecting German victims. The email scam sends recipients what appears to be a tax invoice from Amazon, instructing the recipient to enter their Amazon Seller account login details to access it. [Image: translated phishing email, via Bleeping Computer] However, the login …

What to do when you’ve been infected with ransomware

Chances are, your organisation is going to have to contend with a ransomware attack in the near future. There were more than 850 million infections reported in 2018, and there are no signs of things slowing down. Attacks can be a stressful time for organisations, with infections designed to scare recipients and grind your organisation’s productivity to a halt. Fortunately, we’re here to explain …

Credit unions should be prepared for crimeware

We recently discussed why credit unions must conduct regular penetration tests. The bulk of that article covered the legal obligations for testing and the ways in which you can comply with those requirements. However, we didn’t delve into the reason that penetration testing is essential – which we’ll put right here. How penetration testing helps organisations Penetration testing is …