Cyber 3-2-1: Zero-day iPhone hack revealed, but the sky is not falling. Don’t worry about zero-days – Worry about 400-days. And finally, why you shouldn’t listen to me. This week’s action: Review how you are ensuring security updates get installed in a timely manner.
Cyber 3-2-1: Reliance on passwords has made it onto the cybersecurity naughty list; Cyber insurance is getting more expensive; Use of the cloud is not a guarantee of security; How to convert 21gb of data into 10 years of jail time. This week’s action: A checklist for working from home.
Cyber 3-2-1: Why it’s probably no big deal that Accenture got hit by ransomware, why technology should make you paranoid, why you should never annoy a nerd, and why losing your wallet takes on a different meaning when it comes to cryptocurrency. This week’s action: Protect your crown jewels.
Cyber 3-2-1: Length matters (for passwords). If you pay a ransomware demand, expect more ransomware. And why there will be no end to your clients asking you about your cybersecurity defences. This week’s action: Do the maths on your backups.
Cyber 3-2-1: How one business took 24 years to build and 24 hours to destroy, what the EU’s Agency for Cybersecurity has to say about supply chain attacks, why you should ask more questions about the security of your IT service providers, and why you should expect to be asked similar questions by your clients. This week’s action: Ask questions. Seek evidence.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including how ransomware is not just about backups, how Connecticut is incentivising firms to improve their cybersecurity defences, and why Human Intelligence still beats the tech. This week’s action: Hug your staff.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including why cybersecurity influences the valuation of a fintech, how cyber attackers are after your cryptocurrency, the steps recommended by NIST to reduce the risk of ransomware, the reward offered by the US government for information about cyberattackers and terrorists, and the ongoing problem of password reuse. This week’s action: Find out why passwords are like your toothbrush.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action. This week, my focus is on firms that sell software or services to other organisations. You need to realise what the cybercriminals already know and what your prospects (and their regulators) are becoming increasingly concerned about: You are the perfect stepping stone into your clients’ computer systems and you could be the weakest link in their cybersecurity defences. It was demonstrated in the WannaCry attack of 2017, the SolarWinds attack of 2020, and this month’s Kaseya attack that has impacted up to 1500 businesses. This week’s action: Recognise that your suppliers are a risk to you, and you are a risk to your clients.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including how multi-factor authentication is not foolproof, how ransomware negotiation is a growing cottage industry, how the EU and the US are hoping to share more information about cyber-attacks, how one gang laundered $500 million before being captured, and how 30 million Dell devices need an update. This week’s action: Verify links, app access and browser plugins.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including why we’re all getting an increasing number of unsolicited calls these days, what we know about the HSE attackers, and why you may need to check the T&C’s of your insurance policies. This week’s action: If you don’t recognise the number, don’t answer the call.