Cybersecurity Starts in the Boardroom
I have just published an article over on our online training site – CyberAwake – looking at some of the steps in examining the risk of using employee devices for work purposes – BYOD or Bring Your Own Device. Are you using Bring Your Own Device – BYOD – to …
One of the key points we cover in our online and real-world cyber security awareness training is that threat actors will exploit human trust and fears. So phishing messages will contain: a threat – your tax bill is overdue see the fine here something nice – we over charged your …
Continue reading “Threat actors promise you something that is too good to be true…”
Here is a threat that is being actively researched, but probably is not that big a deal – that is of course until we get to reality resolution screens and webcams… [2205.03971] Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing (arxiv.org) However… The …
Would your Global Administrator account security up to our standard? Protecting credentials is an important step in any cyber security plan. One of the first things we always do when taking on a cyber security client, before we even embark on the fact finding and documentation, is make sure everyone …
Continue reading “Be careful of security theatre and user security fatigue”
There have been several high profile ransomware attacks this week – and small ones that do not make the news. Ransomware attack knocked a Kentucky city-operated ISP offline before holiday – The Record by Recorded Future Lorenz ransomware breaches corporate network via phone systems (bleepingcomputer.com) Ransomware gang threatens 1m-plus medical …
