The Crucial Need for Cyber Security Awareness Training in Retail

Cyber security is a concern for all industries, but retail is quickly becoming one of the most targeted industries. Companies in this sector often have part-time workers who feel less involved in their workplace’s mission and goals and are more vulnerable to cyber threats. From logistics to staffing and physical security, a large portion of the tasks within a retail store are carried out by third-party vendors. This connectivity opens doors to potential cyber threats, from full system shutdown via ransomware to more subtle personal or payment information theft. The statistics on third-party breaches are so high that it is safe to say one of your partners has been breached in the last 24 months.

The retail industry also has access to sensitive customer information, especially if they have a reward program. The potential payment information alone makes retail stores attractive targets for cyber criminals. Retail stores have a high turnover rate and deal with many different purveyors. This leads to dangerous situations like a novice employee ordering stock with company funds or updating point-of-sale software. These routine tasks can quickly create cyber risks if employees aren’t trained properly.

If executed correctly, establishing a cyber security culture in your workplace can be a fun and rewarding experience for your employees. Cyber security awareness training can also foster a sense of belonging since your workforce will feel more involved in the company’s future. A good program will also allow you to identify highly engaged employees who might be ready for advancement within the company.
New Year, New Tech. The Latest Protection for the Latest Tech!

How to protect your new tech? Broadly speaking, you can protect most of your tech with a handful of steps. Whether it’s a new Wi-Fi router, smartwatch, or even a connected fridge, they can all benefit from the following basics.

Use strong, unique passwords
When it’s time to set up a new account or device, go with a strong, unique password. Strong means a mix of at least 12 characters, if not more. That includes a mix of numbers, symbols, and both letter cases, upper and lower. Unique means you don’t repeat it across accounts. That way, if one password gets compromised, the rest will remain secure.

Use multi-factor authentication
Online banks, shops, and other services commonly offer multi-factor authentication to help protect your accounts with the typical combination of your username, password, and a security code sent to another device you own (often a mobile phone). If your device or account supports multi-factor authentication, consider using it there too. It throws a big barrier in the way of hackers who try and force their way into your device with a password/username combination.

Keep everything updated
Update your apps and devices regularly. In addition to fixing the odd bug or adding the occasional new feature, app and device updates often address security gaps. Out-of-date apps and devices might have flaws that hackers can exploit, so regular updating is a must from a security standpoint. If you can set your apps and devices to receive automatic updates, even better.

Secure your internet router
Another device that needs good password protection is your internet router. Make sure you use a strong and unique password there as well to help prevent hackers from breaking into your home network. Also consider changing the name of your home network so that it doesn’t personally identify you.

Reset the factory password
Many smart home and internet of things (IoT) devices come with preset usernames and passwords from the factory. So much so, that you can easily find lists of stock usernames and passwords for these devices posted online where hackers can get a hold of them. In the past, we’ve seen all kinds of attacks occur when these credentials don’t get changed. Among them are stories of hacked baby monitors where attackers take control of the camera and speakers. So just as you do for your other devices and accounts, create a fresh username and pair it with a strong, unique password as outlined above.

Upgrade to a newer internet router
Likewise, older routers might have outdated security measures, which might make them more prone to attacks. If you’re renting yours from your internet provider, contact them for an upgrade. If you’re using your own, visit a reputable news or review site such as Consumer Reports for a list of the best routers that combine speed, capacity, and security.

Set up a guest network specifically for your IoT devices
Just as you can offer your guests secure access that’s separate from your own devices, creating an additional network on your router allows you to keep your computers and smartphones separate from IoT devices. This way, if an IoT device is compromised, a hacker will still have difficulty accessing your other devices on your primary network, the one where you connect your computers and smartphones.

Research the manufacturer
One of the strongest security measures you can take is research. Before purchasing, look up the manufacturer. Have they had security issues with their devices in the past? Are their devices well-reviewed? How about their privacy policy? What are they doing with your data?

Keep an eye on app permissions
Another way hackers weasel their way into your device is by getting permissions to access things like your location, contacts, and photos — and they’ll use malicious apps to do it. If an app asks for way more than you bargained for, like a simple puzzle game that asks for access to your camera or microphone, it might be a scam. Delete the app.

Lock your phone and keep an eye on it too
Some bad actors will try to install spyware on phones themselves. However, this requires access, time, and effort to pull off. Locking your phone and always keeping it close can help prevent bad actors from infecting your phone this way. Another step you can take is to familiarize yourself with the remote locking and wiping features of your mobile device. Many manufacturers offer this feature on mobile devices. Strongly consider using it in the event of loss or theft.
What Is Splunk & What Is It Used For?

What Is Splunk?
In today’s data-driven cyber landscape, organizations across the globe are faced with an ever-increasing volume of data from various assets and network infrastructure. To harness the power of this data and enable cyber resilience, they need tools and technologies that can help them collect, analyze, and visualize the logs and events effectively to detect and prevent cyber security threats. Splunk is a powerful SIEM (Security Information and Event Management) tool that is widely used to serve this purpose. It offers a comprehensive platform for collecting, analyzing, and visualizing machine-generated data to gain valuable insights and detect potential security threats.

What is Splunk used for?
Splunk is designed to ingest and index large volumes of data from various sources, including logs, sensors, devices, applications, and systems. It provides real-time monitoring, analysis, security, and observability capabilities, allowing organizations to identify and respond to security incidents proactively. One of the key features of Splunk is its ability to correlate and aggregate data from different sources such as servers, firewalls, load balancers, and network devices, enabling security analysts to investigate and identify patterns, anomalies, and potential threats. Its advanced search and query functionalities allow users to perform complex searches and create custom reports and dashboards.

Splunk also offers a wide range of security-specific applications and add-ons that provide additional functionality and help automate various security tasks. These include threat intelligence, incident response, compliance monitoring, observability, and user behavior analytics, among others. In addition to its security applications, Splunk is also widely used for other purposes, such as IT operations monitoring, application performance monitoring, business analytics, and log management. Its versatility and scalability make it a popular choice for organizations of all sizes and across various industries.

Core Features of Splunk
Splunk is a powerful SIEM software platform that offers a wide range of features that help businesses gain valuable insights from their data and ensure cyber resilience.

Enormous Amounts of Data Collection and Ingestion
Splunk excels in collecting and ingesting diverse data sources crucial for cyber security. Its versatility, from logs to events and metrics, ensures comprehensive coverage, enabling real-time threat detection.

Lightning Fast Real-Time Indexing
The heartbeat of Splunk’s SIEM capabilities lies in real-time indexing. Immediate visibility into security events allows for swift responses, minimizing the impact of cyber incidents.

Powerful Analytical Search and Investigation
In the cyber security realm, quick and precise investigations are essential. Splunk’s search and investigation features, powered by the Splunk Query Language (SPL), enable security professionals to identify and analyze threats quickly and accurately.

Appealing Data Visualizations and Dashboards
Splunk’s intuitive data visualization tools play a pivotal role in cyber security. Interactive dashboards facilitate monitoring security metrics, threat landscapes, and incident trends at a glance.

Real-Time Alerts and Notifications
Proactivity is key in cyber security. Splunk enables the creation of alerts and notifications, ensuring that security teams are promptly informed of potential threats or anomalous activities.
6 Signs That Your Cybersecurity Posture Needs an Upgrade

In today’s digital age, cybersecurity is not just a buzzword; it’s a critical necessity, especially as cyber threats grow in complexity and frequency. Companies must constantly evaluate and upgrade their cybersecurity measures. This is where ISO 27001 plays a pivotal role in providing a structured framework for assessing, implementing, monitoring, and continually improving an organisation’s information security posture. Nonetheless, remaining vigilant for signs that your cybersecurity measures may need upgrading is essential. Below are six signs that you need to upgrade your cybersecurity measures.

1. Frequent Data Breaches and Security Incidents
One of the most obvious signs that your cybersecurity needs an upgrade is the occurrence of frequent data breaches and security incidents. The last few years have seen an increase in cyber attacks, leading to the exposure of sensitive information and financial losses. If your business has experienced multiple security incidents or data breaches within a short period, consider reevaluating your cybersecurity strategy.

2. Insufficient Network Security
Network security is the backbone of your digital operations, and inadequate network security can expose you to a wide range of threats. Whether it is an unsecured Wi-Fi network, a lack of intrusion detection systems, or outdated firewall rules, neglecting network security can be a costly mistake. Here’s how to enhance your network security:
- Secure Wi-Fi networks: Ensure your Wi-Fi networks are properly secured with strong passwords and encryption protocols, such as WPA3. Regularly change default router login credentials and consider setting up a separate guest network for visitors.
- Firewall and intrusion detection: Invest in a robust firewall and intrusion detection system (IDS) to monitor network traffic for suspicious activity. Installing a firewall and intrusion detection system can help identify and mitigate potential threats before reaching your network.
- Regular security audits: Conduct regular security audits to identify vulnerabilities in your network infrastructure. Consider hiring third-party experts to perform penetration testing and evaluate your network’s resilience against cyberattacks.

3. Outdated Software and Systems
Running outdated software and systems is like leaving your front door open for cybercriminals. Aging software and operating systems are more susceptible to vulnerabilities, as software developers often discontinue support and updates for older versions. Cybercriminals actively exploit such vulnerabilities, gaining access to your systems to steal data and launch attacks. If you find yourself using outdated software, such as an unsupported operating system or obsolete applications, it’s time to upgrade. Ensure you’re using the latest versions of all software and systems and regularly apply security patches and updates. In addition to using the newest software version, consider transitioning to cloud-based solutions that have built-in security features and are easier to maintain and update.

4. Weak or Reused Passwords
Passwords are the frontline defence for most of your online accounts, and weak or reused passwords can be an open invitation for cybercriminals. If you’re still using easily guessable passwords like “123456” or “password” or using the same password across multiple accounts, your cybersecurity needs a serious upgrade. Here’s how to strengthen your password security:
- Complex passwords: Create unique, strong passwords for each account. A strong password should include a combination of upper and lower-case letters, special characters and numbers. Avoid using easily guessable characters or information like birthdays or names.
- Password manager: Consider using a reputable password manager to generate, store, and autofill complex passwords for your accounts. Password managers not only make keeping track of your passwords easier but also prevent password reuse.
- Two-factor authentication (2FA): Whenever possible, enable 2FA for your online accounts since requiring a second verification step, such as a temporary code sent to your mobile device, adds an extra layer of security.

5. Lack of Employee Training and Awareness
Your cybersecurity is only as strong as your weakest link, and often, that weak link is human error. Employing social engineering tactics like phishing emails, cybercriminals trick employees into revealing crucial company information or clicking on malicious links. Thus, your organisation may be at risk if your employees lack proper training and awareness of these threats. Investing in cybersecurity training and awareness programs for your employees is a proactive approach to upgrading your security.

Provide a detailed cybersecurity training programme for all employees – covering topics such as identifying phishing emails, secure password practices, data handling procedures and cyber incident planning and response. Regularly conduct cyber attack simulation exercises to test the vigilance and decision-making skills of your staff, and provide ongoing education to keep them informed about the latest threats and best practices. Since cyber threats evolve rapidly, consider providing regular updates and refresher courses to ensure employees are up to date with the latest cybersecurity threats and strategies. Ensure your staff can recognize phishing attempts, understand the significance of data protection, and know how to report suspicious activity.

6. Inadequate Endpoint Security
Endpoints (laptops, desktops, and mobile devices) are often the entry points for cyber attacks. If you’ve noticed that your organisation’s endpoint security is lacking or if you rely solely on traditional antivirus software, it’s time to upgrade your cybersecurity strategy. Modern threats, like advanced malware and zero-day vulnerabilities, require advanced endpoint security solutions.

Ensure that all endpoints are equipped with up-to-date endpoint protection software, often referred to as antivirus or antimalware solutions. Endpoint protection software is designed to detect and block malicious software, providing a crucial defence against threats. Apart from endpoint protection software, implement a robust patch management system for all endpoints. Regularly update operating systems and software applications to patch known vulnerabilities. Cybercriminals often target outdated software to gain access to endpoints.

Consider enabling encryption on all endpoint devices, especially laptops and mobile devices. Since encryption scrambles data to make it unreadable without the proper decryption key, it protects sensitive information in case of theft or unauthorized access. Access control is equally important. Consider enforcing robust access controls and authentication mechanisms. Use multi-factor authentication (MFA) to ensure only authorised personnel can access sensitive data and systems. To reduce the risk of breaches, consider implementing EDR solutions that provide real-time monitoring and response capabilities since they can identify and mitigate threats at the endpoint level.
What Can You Do with a Graduate Certificate in Cybersecurity?

A graduate certificate in cybersecurity is a versatile qualification that opens up a realm of exciting career opportunities. This credential is unique; it’s more than just a standard certificate in cybersecurity. It’s tailor-made for IT professionals who already hold a bachelor’s degree, be it in computer science or a completely different field like art history. Perhaps you’re a graphic designer, a web developer, or a programmer, or maybe you’re someone with a keen interest in technology and programming. Cybersecurity is in such high demand that organisations are allocating substantial portions of their budgets to invest in skilled cybersecurity professionals. This makes a graduate certificate an excellent springboard for a career shift, providing the potential to transition from roles such as a web developer to an ethical hacker, penetration tester, or cybersecurity analyst.

The cybersecurity arena is expanding at a pace that leaves other professions in the dust. Projected to throw open nearly 41,000 new opportunities in the upcoming years, this field is far from being labelled ‘archaic’ even as we grapple with the turbulent whirlwinds of a global pandemic and sweeping economic changes. From individuals and non-profits to the government and corporate giants, all are donning their battle armours to fend off the increasingly intricate web of cybercrime. This growing need for digital defenders brings into focus the importance of robust educational programmes.

Wondering if your cybersecurity certificate can actually land you a job? Without a doubt! A graduate certificate in cybersecurity is your ticket to an abundance of roles that are in high demand across businesses, institutions, and individuals alike.

Information Security Manager
Embarking on a career path as an Information Security Manager places you at the forefront of digital defence. It’s a role tailor-made for those who are keen on using their cybersecurity prowess to safeguard companies and organisations from the lurking dangers of hackers, viruses, cyber fraud, and security breaches. As an Information Security Manager, your workspace is the digital fortress of a specific company or organisation. Your mission? To craft and bolster cyber security protocols that protect their most valuable asset: information. It’s a meaningful responsibility that makes a real difference in the era of cyber threats.

Information Security Engineer
At the heart of every robust cybersecurity system, you’ll find the Information Security Engineer. Also known as information security analysts, these professionals are the masterminds behind the defences that guard a business or organisation’s network and computer systems. They don’t just implement one-size-fits-all solutions; they custom-build security systems catered to the unique needs of each organisation. With an eye on data and sensitive information, Information Security Engineers are our first line of defence against cyber-attacks and external infiltrations, ensuring the digital landscape remains a safe space to navigate.

Cybersecurity Analyst
The role of a Cybersecurity Analyst is much like that of a digital detective. With a keen, data-driven mindset, these professionals meticulously formulate robust protection strategies. They use top-notch assessment skills to construct security measures that help companies dodge cyber-attacks and security breaches. Typically, you’ll find them nestled within an organisation’s IT department, working full-time and enjoying the associated perks. Being a Cybersecurity Analyst is not just a job – it’s a craft that involves keeping the digital world a bit safer every day.

Certified Ethical Hacker
Stepping into the shoes of a Certified Ethical Hacker, you’re signing up for the role of a digital superhero. These tech wizards leverage their profound understanding of the hacker mindset to shield businesses and organisations from the looming spectre of cyber threats. They’re not just tech specialists; they’re guardians of security, relentlessly hunting down vulnerabilities and patching up potential cyber chinks in the armour.
Ransomware and the Cyber Crime Ecosystem

Ransomware has been the biggest development in cyber crime. Ransomware’s defining feature is that it encrypts data on victims’ systems until a payment is made. Since IT systems are now ubiquitous, ransomware attacks can be truly devastating for victims and their customers, which is why it remains the most acute cyber threat for UK businesses and organisations.

A new white paper published by the NCSC and the National Crime Agency examines how the tactics of organised criminal groups (OCGs) have evolved as ransomware and extortion attacks have grown in popularity. It’s particularly aimed at security professionals and resilience sector leads who need to be aware of changes in cyber criminal activity to better protect their systems and inform security policy.

Since 2018, businesses have been getting better at preparing for and responding to ransomware attacks. At the same time, OCGs have been adapting their business models to maximise payouts. For example, ransomware victims, in addition to being locked out of their systems, now have the additional worry of their sensitive data being leaked online, and with it face the risks of reputational damage. They could also face large fines under laws such as UK GDPR and the Data Protection Act 2018.

As well as the actual ransomware malware (such as Lockbit or ALPHV), there are a number of enabling services, platforms, distributors and affiliates that are key to conducting a ransomware attack. It’s this wider criminal ecosystem that is the main focus of the paper.

The white paper is the latest addition to a series of NCSC publications that address the continued threat from ransomware. Crucially, implementing NCSC guidance will interrupt the majority of attacks, which is why we encourage system owners and technical staff to visit the NCSC’s pages on ransomware, which include guidance on how organisations can defend themselves from ransomware attacks.
The deployment of ransomware relies on a complex supply chain, so focussing on specific ransomware strains can be confusing at best, and unhelpful at worst. We hope that the publication of this white paper shines a light on the motivations of the threat actors further upstream, who are ultimately driving the monetisation of ‘ransomware as a service’, and other extortion attacks.
Mitigating Cybersecurity Risks In Business Communications

The connection between cybersecurity and business communications is undeniably critical in the current digital landscape. With growing reliance on digital platforms, companies are at a higher risk of cyber threats that can jeopardize data and disrupt services. This highlights the importance of strong security in all business communication. Effective communication technologies are crucial but bring challenges in keeping information safe. One essential strategy to boost security and efficiency is implementing advanced systems like telephone system CRM integration. This not only strengthens communication but also streamlines business operations.

Best Security Practices For Safe Communications
Communication security is more than just technology; it includes smart practices in all areas of business communication. Building and regularly updating a solid cybersecurity framework is essential to protect your business. Enhancing your cybersecurity posture also means adopting new technologies and embedding security-conscious habits into your company’s culture. Here are some essential practices to consider:
- Regular software and hardware updates: Ensure all communication tools and systems are up-to-date with the latest security patches. Outdated systems are more vulnerable to attacks.
- Comprehensive staff training: Regularly train staff on cybersecurity best practices and threat recognition. Team members should understand their role in maintaining communication security.
- Robust authentication protocols: Implement strong authentication measures like two-factor or multi-factor authentication, especially for accessing sensitive data and systems remotely.
- Encrypted communication channels: Use encryption for emails, phone calls, and messaging to protect data from interception.
- Incident response plan: Have a clear cyber incident response plan and test it regularly with cyber table top exercises for responding to cybersecurity incidents quickly and with minimal damage.

To effectively reduce risk and build trust, businesses must consistently apply best practices in cybersecurity. Staying alert and adaptable is crucial, as complacency is a significant vulnerability in this field. Continuous improvement in security measures is essential to tackle current and future threats.

Here are the essential practices for securing email communications:
- Implement email encryption: Encrypting emails is crucial in safeguarding sensitive information against unauthorised access or interception.
- Deploy anti-phishing tools: Utilise advanced anti-phishing software to detect and block malicious emails, reducing the risk of phishing attacks.
- Educate staff on phishing scams: Conduct cybersecurity training sessions for staff members to recognize and handle phishing attempts and other email-based threats.
- Strict access controls: Establish stringent access controls for email accounts, ensuring only authorised personnel can access sensitive information.
- Regularly update email systems: Keep email systems updated with the latest security patches and software updates to defend against new threats.
- Use spam filters effectively: Employ and fine-tune spam filters to reduce the influx of potentially harmful emails.

Here are several vital practices for enhancing mobile communication security:
- Secure messaging apps: Encourage using secure, encrypted messaging apps for internal and external communications to protect data from interception.
- Regular device updates: Ensure that all mobile devices used for business purposes are regularly updated with the latest security patches and software updates.
- Mobile Device Management (MDM) solutions: Use MDM solutions to control and protect mobile devices, which include features such as remotely erasing data if a device is lost or stolen.
- Strong authentication for device access: Use strong passwords, biometrics, or multi-factor authentication for accessing mobile devices, adding an extra layer of security.
- Training on mobile security: Educate staff members about the risks associated with mobile communications and best practices for maintaining security, such as avoiding public Wi-Fi for business transactions and recognizing potential threats.

Implementing measures to secure mobile communications is essential for overall cybersecurity. These steps help businesses reduce risks linked to mobile device use and maintain secure and efficient communication. Adapting to the evolving cybersecurity landscape requires constant vigilance and proactive measures, particularly in the mobile domain, where the blend of personal and professional use presents unique challenges.
AIT fraud: What you need to know

SMS and telephone guidance updated to address the rise in Artificial Inflation of Traffic (AIT).

The rise in Artificial Inflation of Traffic (AIT) is leaving many businesses out of pocket. To counter this growing threat, we’ve updated our SMS and telephone best practice guidance, which is designed to help organisations and their customers reduce exposure to SMS and telephone-related fraud.

AIT is a technique used by criminals that generates large volumes of fake traffic through apps or websites. In a typical AIT scenario:
- a fraudster uses a bot to create large numbers of fake accounts
- the fake accounts trigger a one-time passcode (OTP) SMS message to mobile numbers during multi-factor authentication (MFA)
- the fraudster partners with a rogue party in the mobile ecosystem (an operator or aggregator) to intercept the AIT, but never actually delivers messages to the end user
- together, the fraudster and the rogue party claim the profit

This type of fraud can cause substantial financial cost to businesses. Elon Musk summarised how the issue had impacted X (formerly known as Twitter) last December, where he explained that “Twitter was being scammed to the tune of 60 million dollars a year for SMS texts.”

Since the NCSC’s SMS and telephone best practice guidance was originally published in January 2022, AIT fraud has increased, mainly for two reasons:
- Application to person (A2P) SMS costs have risen, increasing the potential profit of AIT fraud.
- AIT is not regulated by common SMS agreements and regulations.

There are even companies that openly advertise their ability to defraud businesses by AIT, offering to impersonate hundreds of popular brands. The overriding priority for your SMS procurement process should be security. Our guidance explains how you can protect your business and mitigate the risk of AIT fraud, without resorting to drastic measures such as charging users to use MFA by SMS.

As always, we welcome feedback on this guidance. You can contact us via our social media and normal contact channels.
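The AIT scenario described above leaves a measurable trace: OTP messages are sent in volume but the codes are never entered, because nothing reaches a real user. The following Python is an added example (not part of the NCSC guidance) that flags number ranges with many OTP sends and near-zero completion; the log format, event names, thresholds, the idea of grouping by leading digits, and every phone number are assumptions constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Finding:
    prefix: str      # leading digits of the destination numbers
    sent: int        # OTP messages sent to this range
    verified: int    # OTP codes that were actually entered

    @property
    def completion_rate(self) -> float:
        return self.verified / self.sent


def parse_line(line: str) -> Optional[Tuple[str, str]]:
    """Parse '<time> <event> <+number> <account>'; return (event, digits) or None."""
    parts = line.split()
    if len(parts) != 4:
        return None
    _timestamp, event, number, _account = parts
    if event not in ("otp_sent", "otp_verified"):
        return None
    if not (number.startswith("+") and number[1:].isdigit()):
        return None
    return event, number[1:]


def find_ait_suspects(lines: Iterable[str], prefix_len: int = 7,
                      min_sends: int = 20,
                      max_completion: float = 0.05) -> List[Finding]:
    """Return number ranges with high OTP volume and almost no completions.

    prefix_len, min_sends and max_completion are illustrative defaults,
    not values taken from any guidance; tune them against real traffic.
    """
    sent, verified = Counter(), Counter()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:          # skip malformed or unrelated lines
            continue
        event, digits = parsed
        prefix = digits[:prefix_len]
        if event == "otp_sent":
            sent[prefix] += 1
        else:
            verified[prefix] += 1
    findings = [
        Finding(prefix, count, verified[prefix])
        for prefix, count in sent.items()
        # min_sends keeps a handful of abandoned sign-ups from being flagged
        if count >= min_sends and verified[prefix] / count <= max_completion
    ]
    return sorted(findings, key=lambda f: f.sent, reverse=True)


def build_sample_log() -> List[str]:
    """Constructed sample data: a few ordinary sign-ups plus one bot burst."""
    lines = [
        "2024-01-10T09:00:01Z otp_sent +447700900101 acct-1001",
        "2024-01-10T09:00:40Z otp_verified +447700900101 acct-1001",
        "2024-01-10T09:02:10Z otp_sent +447700900102 acct-1002",
        "2024-01-10T09:02:55Z otp_verified +447700900102 acct-1002",
        "2024-01-10T09:03:30Z otp_sent +447700900103 acct-1003",  # user gave up
        "2024-01-10T09:04:00Z otp_sent +12025550123 acct-1004",   # low volume,
        "2024-01-10T09:04:12Z otp_sent +12025550124 acct-1005",   # none verified
        "malformed line that the parser must skip",
    ]
    # Forty fake accounts, each triggering one OTP to a made-up number range.
    for i in range(40):
        lines.append(
            f"2024-01-10T09:05:{i:02d}Z otp_sent +9995550{i:04d} bot-{i:04d}"
        )
    return lines


if __name__ == "__main__":
    for f in find_ait_suspects(build_sample_log()):
        print(f"+{f.prefix}*: sent={f.sent} verified={f.verified} "
              f"completion={f.completion_rate:.0%}")
```
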
Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS

CTS, a managed service provider (MSP) for law firms in the United Kingdom, is urgently investigating a cyberattack that has disrupted its services, potentially leaving hundreds of British law firms unable to access their case management systems. The company announced on Friday that it was experiencing a service outage which has impacted a portion of the services we deliver to some of our clients, and confirmed the outage was caused by a cyber incident. The UK government is closely monitoring the company’s situation, according to a government spokesperson.

It is not known how many of the company’s clients are affected, although a report by Today’s Conveyancer estimated between 200 and 80 would be unable to access phone, emails, or case management systems. CTS said it was working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration. The company said it was confident it would be able to restore services but cautioned it could not give a timeline for full restoration, and pledged to communicate directly with the clients who were affected.

The hack comes just weeks after the British government failed to introduce promised legislation that would have required MSPs to increase their cybersecurity protections. MSPs are an attractive and high value target for malicious threat actors, and can be used as staging points through which threat actors can compromise the clients of those managed services, the government warned when it announced the new laws.
UK and US develop new global guidelines for AI Security

New guidelines for secure AI system development will help developers of any systems that use AI make informed cyber security decisions at every stage of the development process. Agencies from 18 countries, including the US, endorse new UK-developed guidelines on AI cyber security. Guidelines for Secure AI System Development, led by GCHQ’s National Cyber Security Centre and developed with US’s Cybersecurity and Infrastructure Security Agency, build on AI Safety Summit to establish global collaboration on AI.

In testament to the UK’s leadership in AI safety, agencies from 17 other countries have confirmed they will endorse and co-seal the new guidelines. The guidelines aim to raise the cyber security levels of artificial intelligence and help ensure that it is designed, developed, and deployed securely.

The new UK-led guidelines are the first of their kind to be agreed globally. They will help developers of any systems that use AI make informed cyber security decisions at every stage of the development process, whether those systems have been created from scratch or built on top of tools and services provided by others. The guidelines help developers ensure that cyber security is both an essential pre-condition of AI system safety and integral to the development process from the outset and throughout, known as a ‘secure by design’ approach. The guidelines are broken down into four key areas – secure design, secure development, secure deployment, and secure operation and maintenance, complete with suggested behaviours to help improve security.

The product will be officially launched this afternoon at an event hosted by the NCSC, at which 100 key industry, government and international partners will gather for a panel discussion on the shared challenge of securing AI. Panellists include Microsoft, the Alan Turing Institute and UK, American, Canadian, and German cyber security agencies.
These guidelines are intended as a global, multi-stakeholder effort to address that issue, building on the UK Government’s AI Safety Summit’s legacy of sustained international cooperation on AI risks.