Cyber 3-2-1: This week, there’s one for everyone in the audience, including the board of directors and anyone who relies on an IT MSP to manage their cloud systems. The two numbers this week remind us why invoice fraud is so rampant – Because that’s where the money is! The thing to think about this week? Take two minutes to find out your cybersecurity score.
Cyber 3-2-1: Happy New Year. I know I’ve been talking a lot this week about how it’s not so happy for LastPass users, so I will not linger too much on that carnage for the moment. Instead, let’s talk about what Ukraine’s Cyber Police, the UK’s NCSC, and Ireland’s DPC have been up to while we’ve been eating too much chocolate.
Cyber 3-2-1: This month and last month, Ireland’s police, government and national cybersecurity agency have warned SMEs about the ever-increasing threat of cyber attacks. And yet executives and boards will continue to deliberately ignore this risk until their valuables have been stolen. This week’s action: You are choosing your own adventure. Make sure you are comfortable with your choice.
Cyber 3-2-1: A Cyber Security Baseline Standard has just been published in Ireland, Bank of Ireland has been fined €24m for risks that never materialised, and. Ireland’s DPC tells us that If we have a complaint about a neighbour’s use of CCTV, we need to take it up with the courts. This week’s action: Review your Incident Response Plan.
Cyber 3-2-1: Length matters (for passwords). If you pay a ransomware demand, expect more ransomware. And why there will be no end to your clients asking you about your cybersecurity defences. This week’s action: Do the maths on your backups.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action. This week, my focus is on firms that sell software or services to other organisations. You need to realise what the cybercriminals already know and what your prospects (and their regulators) are becoming increasingly concerned about: You are the perfect stepping stone into your clients’ computer systems and you could be the weakest link in your their cybersecurity defences. It was demonstrated in the WannaCry attack of 2017, the SolarWinds attack of 2020, and this month’s Kaseya attack that has impacted up to 1500 businesses. This week’s action: Recognise that your suppliers are a risk to you, and you are a risk to your clients.