“Cyber threats are framed as something existential, technical and expensive, and the usual response to fear, fees, and something incomprehensible is to do nothing,” says Malcolm Taylor, head of cyber security at G3. “Security can be managed with a limited level of investment. Business owners are good at managing risk. Seeing this as just another business risk makes it more comprehensible.”
“Businesses need to make it easy for staff to report suspicious emails, calls, and visitors,” says Jenny Radcliffe, head of training and consultancy at Jenny Radcliffe Training. “The only way to help prevent social engineering is to have a workforce who are comfortable reporting issues and suspicions to management, and who are not blamed for their mistakes or for false suspicions. Attacks are complex, sophisticated, and nuanced enough to get past at least some of the people, most of the time – which is all it takes to breach many organisations. This could mean helpdesk staffers pressured into giving out details, or employees letting fake delivery people gain access without checking IDs.”
Educate users on how to spot a [phishing] email, says Gavin Millard, EMEA technical director of Tenable Network Security. “Making sure they know why you shouldn’t share personal information or install software from unknown sources can benefit them at work as well as at home.”
“I have heard about losses of up to £50,000 from fairly small businesses due to simple social engineering such as CEO fraud,” says Jamie Randall, CTO of IASME Consortium. “These targeted attacks often use information from LinkedIn and Facebook to build up their story, such as knowledge that the CEO is on holiday with family.”
It’s obvious but incredible how many companies still fail to install the latest antivirus software or back up their data. It is important to have a backup of servers or databases on an encrypted hard drive or back-up server that is on a separate network to the main server.
For more information, see the UK government’s “Ten Steps to Cyber Security” on the National Cyber Security website https://www.ncsc.gov.uk/guidance/10-steps-cyber-security.
The latest IP win for a major brand in China shows China’s commitment to cracking…
Are you concerned that your brand’s rights are being infringed in China? CBBC’s new IP…
Ahead of a gala dinner to celebrate 70 years of the China-Britain Business Council, FOCUS…
As China enjoys a five-day public holiday, debate about the country’s unusual ‘compensatory working day’…
This June, the China Business Roadshow from the China-Britain Business Council, Santander and Woodburn Accountants…
Despite slowing GDP growth, China’s coal consumption is on the up, writes Dialogue Earth (formerly…