Just like at school, we focus on what we will be tested on. We should focus ono what the cyber attackers will test us on.
Cyber 3-2-1: BNP Paribas blocks Russian staff from its global computer network, your website contact form could be the first step in a cyber attack, and the HSE is about to contact people who data was stolen in last year’s cyber attack. This week’s action: Remind staff that the first email is not the only one to look out for.
Cyber 3-2-1: A report explains why the HSE attack was not sophisticated. The UK’s NCSC explains why the most severe computer vulnerability in years may have identified this week. And I ask why so little of your security budget is invested in improving your defences against more than 90% of attacks. This week’s action: Security is not just about technology. It’s about humans. Invest in your human defences.
Cyber 3-2-1: What can we learn from the HSE attack? When is 2FA worth Sweet FA? Why wouldn’t cyber attackers be too worried about 30 countries working together to tackle the scourge of ransomware? This week’s action: Check for updates.
Cyber 3-2-1: It’s not as simple as “Windows 7 = bad / Windows 10 = good”, or “Password = bad / Passwordless = good”. But it certainly is as simple as “2FA = Good”. This week’s action: Test your backups
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including a major fire at one of Europe’s largest cloud providers, a decision by AXA in France to no longer cover ransomware payments, the ongoing cost and impact of the HSE attack, and a spyware attack on Android phones that is currently circulating in Ireland. This week’s action: Get rid of data you no longer need.
Cyber 3-2-1: In the aftermath of a cyber attack on Ireland’s healthcare system, it will be no surprise that this week’s Cyber 3-2-1 discusses the many aspects of this crime. Most importantly, the fact that this not the human’s fault. This week’s action: Review and restrict access to data.