For cyber security advice and resources look no further! Whether you know what you want an answer to or don’t know where to begin; this blog has useful information and links.
Firstly, it’s a fact that cyber security attacks are increasing, they’re a worldwide problem – and no one is infallible. So even if you think you’ve got it covered, or feel you know nothing about cyber security (and haven’t got time), don’t ignore this – it’s a great place to start.
Cyber security advice about a common form of attack
Another fact is that most cyber attacks are successful because of human error. Many hackers target busy and distracted workers and you’d be surprised how easy it is to target a business. Cyber criminals use very sophisticated devices to learn all kinds of things about you, your business, your colleagues, services and clients. They then use this research to extort funds and other valuables from you, often by email.
Typical example of an email attack – phishing
There you are at the end of a busy day when an email from your MD, John.Breakwell@yourcompanyname.com comes in asking you to make a payment into one of your client’s accounts. You do this sort of thing as part of your job and you’re in a rush to finish. He has provided the details and link to the client’s account. And everything about the email looks genuine, so you make the payment.
Except it wasn’t a link to a client’s account you find out later – you’ve paid a substantial sum into a cyber attacker’s account, set up specifically to trick you.
It turns out that the attacker wasn’t John Breakwell but had substituted a lower case letter ‘l’ in Breakwell with a capital I – BreakwelI. Would you have spotted the difference? It could equally be that you emailed back sensitive account information to someone.
There are other letters that can look the same at first glance. Another common trick is replacing the letter ‘m’ with the letters ‘r’ and ‘n’ as in: microsoft vs rnicrosoft
It’s quite easy not to notice these things but can have major repercussions. If your business trains its staff in cyber awareness you’ve got a better chance of noticing such things. Another way is to have certain cyber security tools deployed on your email account that will help prevent you and your business becoming a victim.
The National Cyber Security Centre offers advice and guidance which covers a broad range of cyber security related topics. They are well worth looking at and one of the most useful subjects is Cyber Essentials certification, especially if you are in a regulated business sector.
What is Cyber Essentials?
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.
Cyber Essentials is simple but effective and will help you to protect your organisation, whatever its size, against a whole range of attacks.
Your business receives a Cyber Essentials certificate if it complies with the cyber security requirements. If you are interested in certification see more here.
Cyber security advice and resources for all businesses
You don’t need to be Cyber Essentials certified to follow these best practices!
Here are 5 technical controls that you can put in place today, explained without jargon.
1. Use a firewall to secure your internet connection
2. Choose the most secure settings for your devices and software
3. Control who has access to your data and services
4. Protect yourself from viruses and other malware
5. Keep your devices and software up to date
• FAQs, documents, leaflets and other information about Cyber Essentials can be found here.
• We would specifically draw your attention to The Cyber Essentials readiness toolkit. This uses your responses to the questions in the toolkit to create a personal action plan to help you move towards meeting the Cyber Essentials requirements.
Or you can contact us about any cyber security issues you have – we’re here to help you.