4 min read

Lessons learnt from the IT and security news

Lessons learnt from the IT and security news

This week, there are some interesting lessons we can learn from the IT and security headlines. Learn from other businesses mistakes so you you don't have to:

Sign up to our newsletter

Remote working – it’s here to stay

Remote working – it’s here to stay, even after June 21st. Make sure your IT and security is set up to prevent unwanted attacks. We’ve created a quick guide to highlight the key steps to remote working cybersecurity – download the guide and let me know what you think.

Cybersecurity for remote working guide

UK courts can protect your reputation after a ransomware attack with interim order

Did you know that the UK courts may be able to protect your most sensitive data from being reported by the press?

Ransomware is about cybercriminals threatening to leak your sensitive data – data such as internal investigations that could damage your brand and reputation.

You could protect your most closely guarded secrets from entering the public domain. There is an application known as an 'interim order', through the High Court, which can prevent disclosure of sensitive data.

So, if a hacker got hold of your data in a cyberattack and released it, the press could not report or disclose the information that is protected.

Source: New Foods Magazine

Legacy IT systems could be the downfall to security

A recent report has found that 86% of national infrastructure companies in the UK have been hacked in the past 12 months. Many of them use legacy systems – One third are between 11 - 20 years old. UK infrastructure is set to modernise, making them more connected, but at the same time widening their attack surface.

The report suggests that a lack in cyber skills is increasing the issue.

Dealing with old IT infrastructure

You can modernise your IT infrastructure while undergoing digitalisation and tech plans. If you have no major technology improvements to make, then make sure your IT doesn't get left behind. A 10-year-old server is past its prime and needs to be replaced – why not look into cloud alternatives?

Training everyone to have a fundamental grasp of cybersecurity is going to help reduce the entry point of a cyber-attack. Lean on an expert if you do not have any employees that have IASME or equivalent cybersecurity training.

Source: Info Security Magazine

Data breaches rising because of remote working

Computer Weekly report that a huge rise in data breaches over the past few months are due to remote working and businesses relaxing their normal security protocols. Cyber criminals are targeting these new vulnerabilities in defence.

How should I respond?

Anyone involved in security and compliance should carry out a gap analysis for risk assessments, processes and policy. Identify where risks have been or could be introduced and then you can begin to address them. Get in touch if you want advice on identifying and bridging security gaps.

Request call back

Rise in copycat websites

Google has registered 2,145,013 phishing sites as of January 17, 2021, this is up from 1,690,000 on January 19, 2020 (up 27% over 12 months). 

What can we learn?

This highlights the importance of website filtering as a cybersecurity control. We hear about more incidents of company websites being copied – looking almost identical to the authentic ones. It’s actually quite easy to find out a websites coding – if you ‘right click’ now on our webpage and select ‘source code’, you can see some of ours.

What can’t be copied is the exact url. This is how you can tell whether a website is legitimate or not.

Aside from having awareness of your business website being replicated, pay close attention when making payments online or providing your bank details. If you need to make a payment online, Google a brand to find their website rather than following a link from an email.

Source: Tessian

15 Derbyshire schools forced to suspend online teaching following a cyber attack

It’s reported that 15 schools in the Nova Education Trust have been forced to shut down its systems and postpone virtual teaching because of a cyber attack. They cannot use email, phones or their website.

A bug was discovered in the early hours of this morning.

Luckily their text messaging service must be separate to their other communications channels, as pupils were informed by SMS.

Their Twitter page reads: "Please do not access your emails or open documents from your lessons as we are aware of the internal cyber issue and are working hard to fix it."

Lessons we can learn

If you had a cyber-attack, do you have a procedure in place to inform your staff and customers? Bear in mind that normal communications channels like email may not be accessible.

Head teachers and school boards should check what protocols they have in place at their school. This links with my next news item about teaching children about passwords. Carrying out a security and compliance gaps analysis is a good starting point.

Get in touch with me if you need any help defining what good process and protocols look like.

Request call back

Source: Derbyshire Telegraph

Early education on password security

Leading on from the previous news story… Amidst of the coronavirus pandemic, our kids have plunged into hours of unsupervised internet access. They face a multitude of risks, opening the door to malicious cyber-attacks on family devices.

So, remember to tell your children:

  • Don’t use the same password twice
  • Don’t share your passwords

I advise installing the free version of Last Pass to securely store your passwords. It also monitors the dark web to see if your details have been stolen.

Source: Digit

What next?

Subscribe to our newsletter for more IT, Technology and Cyber news and tips:

Sign up to our newsletter

New Microsoft Edge features, ethical hackers and West Ham FC data leak

4 min read

New Microsoft Edge features, ethical hackers and West Ham FC data leak

How secure are your suppliers? New Microsoft Edge features, ethical hackers and West Ham FC data leak... here are the IT and cyber headlines that...

Read More
On-Premise Microsoft Exchange cyber-attack and latest news

3 min read

On-Premise Microsoft Exchange cyber-attack and latest news

The on-premise Microsoft Exchange server cyber-attack has dominated the news this week. It has affected many businesses, so make sure that you...

Read More
Urgent WordPress plugin update and more IT & cyber news

3 min read

Urgent WordPress plugin update and more IT & cyber news

Urgent WordPress plugin updates, broadcaster down-time and real cyber-attack negotiations, here is my weekly round-up of mainly cyber news this week:

Read More