This week: Insider threat is becoming a bigger threat; don’t forget your website, and what Noodles the Pooch can teach us about cyber security training.

 

3 – The Insider Threat is becoming a bigger threat

“Promises of large payouts are [being] made to professionals in exchange for facilitating access for the thieves or deploying the ransomware themselves”.

According to a recent report in The Register, one cyber criminal gang is now offering large rewards to any employees who can help them gain access to their employer’s IT systems. Disgruntled employees or those under financial duress may be more likely to consider an attacker’s offer. Apparently, an earlier investigation found that another gang may be offering 40 percent of the total proceeds of a successful attack in exchange for deploying their ransomware.

So what? Many of your current security measures may assume a staff member (or third-party partner) can be trusted. Unfortunately, with emerging threats like this one, there’s a reason why the phrase ‘Zero Trust’ has taken hold in cyber security circles.

 

2 – Don’t forget your website

“Anyone building websites [..] should follow security best practices in how they configure the sites to ensure they remain as protected as possible.”

This is a recommendation from a recent article on Dark Reading that details the latest malicious WordPress plugin discovered by the team at WordFence. When it comes to website security, WordPress gets all the press (pun intended..), but the advice applies to any website platform.

So what? When you think about cyber security, don’t forget about the shop front that all of your clients are walking through.

 

1 – Cybersecurity Training by Noodles The Pooch

LinkedIn is a professional business networking platform. It is no place for funny videos.

But, what if the funny video relates to cyber security training? I will let you decide.

(It looks like the original video is on TikTok, but I may be about 30 years too old to sign up for that platform!)

So what? To improve staff engagement, we need to find ways to make the training more entertaining. Alternatively, we could just disable the fast-forward button!