Cybersecurity Starts in the Boardroom
Well if it is, that can be expensive in money and reputation – it may even get you into the press, so everyone can see what you did. Panera Bread likely paid a ransom in March ransomware attack (bleepingcomputer.com) In the UK there is also this advice to consider: It …
Continue reading “Is your ransomware plan to pay the ransom?”
Well it was pretty obvious that the outcry by cyber security and privacy experts around the world, against Microsoft’s proposal to include an automatic function to screenshot your computer every few seconds, to produce a searchable record of EVERYTHING you have done on your computer, was a bad idea. Don’t …
A search through the Smart Thinking archives will return many examples of organisations – often councils – accidentally publish or email sensitive information. Here is another: Lewisham Council published residents’ details on website – BBC News In this case the information was on the website for 11 months before the …
Continue reading “We have seen this before – too many times”
The Information Commissioner’s Office (ICO) is looking into a new feature of Windows 11 and Copilot where the operating system will automatically screenshot what you are doing every few seconds. The upcoming feature, called Recall, will be able to access the locally stored, encrypted images to enhance the user experience …
This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first! Let’s start with a simple definition. The Principle of Least Privilege (PoLP) is a fundamental concept in …
Continue reading “What the “Principle of Least Privilege” does for you? (pt. 1)”
The Principle of Least Privilege (PoLP) is a fundamental concept in cybersecurity. It ensures that users are granted only the minimum necessary access rights required to perform their job functions. This principle is one I always enforce in cyber security as it is a powerful way of defending the most …
Continue reading “Why the “Principle of Least Privilege” works and something for free…”
There are hundreds of reasons organisations, lobbyists and some politicians will quote for not reporting a cyber-security breach – most will have to do with money. The one reason the rest of us should be in favour of reporting rules is that it is our data that these organisations have …
Continue reading “Cyber-breach reporting rules are a good thing for all of us”
