Cyber 3-2-1: A Cyber Security Baseline Standard has just been published in Ireland, Bank of Ireland has been fined €24m for risks that never materialised, and. Ireland’s DPC tells us that If we have a complaint about a neighbour’s use of CCTV, we need to take it up with the courts. This week’s action: Review your Incident Response Plan.
Cyber 3-2-1: Length matters (for passwords). If you pay a ransomware demand, expect more ransomware. And why there will be no end to your clients asking you about your cybersecurity defences. This week’s action: Do the maths on your backups.
Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action. This week, my focus is on firms that sell software or services to other organisations. You need to realise what the cybercriminals already know and what your prospects (and their regulators) are becoming increasingly concerned about: You are the perfect stepping stone into your clients’ computer systems and you could be the weakest link in your their cybersecurity defences. It was demonstrated in the WannaCry attack of 2017, the SolarWinds attack of 2020, and this month’s Kaseya attack that has impacted up to 1500 businesses. This week’s action: Recognise that your suppliers are a risk to you, and you are a risk to your clients.