This week: In the last issue of Cyber 3-2-1 for 2023, I find a way to connect internal auditors, pigs, and Ronseal. So, obviously, I need to take some time off!
I hope you have a great Christmas wherever you are.
PS Special thanks if you contacted me in 2023 with comments, feedback, or interesting stories.
3 – Your Internal Audit team needs to know more than 1 + 2 = 3.
“Internal audit work is valued in Ireland but business leaders want teams to expand the scope of their work, including assessing risks beyond their traditional core competence in finance [..] including in new areas like cyber and artificial intelligence, where changes are happening at pace.”
This is according to Andy Banks, Internal Audit leader at PwC Ireland, and recently quoted in The Irish Independent. A recent survey by PwC Ireland shows that 74% of firms do not believe internal auditors are effective at raising significant risks and that the core focus on finance needs to be broadened out to other areas of concern, including cyber.
Key Takeaway? The regulators are frequently raising concerns about the lack of technical and security expertise on Boards. This survey seems to suggest a similar concern exists in the Third Line world of Internal Audit. In other words, knowing that € 1 + € 2 = € 3 is important, but so is realising that “untrained staff” + “reliance on passwords” = “money walking out the door”.
2 – Are you a pig?
Did you know that some people think you are a pig, and are trying to find ways to butcher you?
I’m not talking about your eating habits or the cleanliness of your home. I’m talking about your value as a target for investment fraud. As Graham Cluley describes it, “fraudsters lure unwary victims into an online romance (typically having made an initial approach via a dating site, social media message, or even masquerading as a wrong number). Having slowly built up trust over time, “fattening up” their target, scammers manipulate their victim into making investments in a cryptocurrency platform… in the belief that massive profits can be earnt. The truth, of course, is that the only massive profits which will be made are by the scammer themselves.”
Key Takeaway: If you think you’ve met the man or woman of your dreams online, make sure it doesn’t become a nightmare. (Many cynics out there may say the same about the physical world!)
1 – The Ronseal of the cyber security world.
“An easy-to-use online tool which helps you to determine whether a website is likely to be legitimate or a scam. Simply type in the address of the website you want to check, and your results will appear within seconds.”
This is the key benefit of the free CheckMyLink service, which has been launched by CyberSkills. Apparently, “the service cleverly uses an algorithm to provide a trust score based on more than 40 data sources as well as thousands of reports of malicious websites from law enforcement agencies, regulators and consumer brands every week”. It is based on a service provided by ScamAdviser.
(PS When I clicked the link to access this site today, my website security scanner blocked access as it said the site was malicious. Don’t you just love it when one security layer gets in the way of another!)