Enterprises are well aware of threat attacks which pose a huge challenge to IT security, perpetrated by technical hackers who infiltrate computer systems to steal protected data. The truth is, however, that many of the most effective cyber attacks are not directly inflicted upon hardware or software, but instead, are targeted on people.
When evaluating cybersecurity risk, we tend to focus on technological factors: patches and upgrades, vulnerabilities, attack vectors, and so forth. Yes – technology solutions are vulnerable, and cybersecurity breaches are usually facilitated by advanced hacking technology.
However, the perpetrators behind cyber-attacks are human. These human actors have human motivations: greed, or a political agenda. Furthermore, cyberattacks often rely on human weaknesses – socially engineered cyberattacks, for example.
The internet of things (IoT) is undoubtedly growing rapidly. According to Gartner the typical CIO will be looking after triple the number of IoT devices in 2023, compared to the number of IoT devices under their security remit in 2018.
This influx is caused by a mix of repurposed consumer devices, IoT devices that support infrastructure and business-specific IoT devices. Dodging the explosion of IoT devices is impossible, and yes, IoT does deliver a lot of advantages – but the security implications can be serious.
The World Wide Web has always been a valuable source of information and a reliable means of communication to masses of users across the globe. With more than 5 billion Google searches made every day and a projected $3.5 trillion online retail sales for 2019, you’d think that the internet as we know it is already as vast as it can be.
Unknown to most people, however, is that the surface or visible web—the part of the internet which the average user can access through search engines—comprises only about 4% of the entire web. The rest is composed of the deep web, a small part of which is the oh-so-mysterious (for the curious) but essentially shady, dark web.
In this blog, we’ve covered many of the ins and outs of BYOD (bring your own device), including the pros and cons. In reality, much of the discussion is no longer about whether employees should be allowed to connect to company networks with their own devices, BYOD is simply becoming the standard way of operating.
A study published in 2016 suggested that 59% of businesses allow BYOD, and things have certainly moved along in the intervening years. The only remaining point of discussion is BYOD cybersecurity. In this post, we give you eight top tips to help ensure BYOD does not pose a threat to your business.
A new IT security threat is infecting computers across the globe, and it could be wreaking havoc on your organisation’s devices as you read this post. This malware threat uses a computer’s processing power to mine cryptocurrency, without the knowledge or consent of the owner.
Unauthorised cryptocurrency mining–or cryptojacking, as it is commonly called, is spreading like wildfire. This is not surprising, given how simple it is for cryptojacking scripts to infiltrate a computer. Hackers can initiate it using one of two methods:
The year 2017 was a dismal year for IT security, particularly in the arena of ransomware.
Less than 12 months ago, the ransomware worm WannaCry wreaked havoc across the globe, placing large organisations – including NHS trusts in England and Scotland, at the forefront of one of the most prolific cyber attacks in history. Then followed NotPetya (initially believed to be the Petya malware of 2016) in June, which also spread quickly and, even without the aid of human intervention, managed to harm multinational companies.
Yet more ransomware attacks compromised the data of individuals and organisations, but they were not nearly as high profile as the aforementioned attacks, and this prompted many people to believe that ransomware is no longer the threat that it was twelve months ago. But is this really the case?
DDoS attacks are typically designed to inundate servers and entire networks by consuming computing resources through large volumes of traffic, connections, or requests. And so, because cloud infrastructures are assumed to be backed by a large assemblage of such resources, many people believe their servers are less susceptible to these types of attacks if they’re hosted in the cloud. But that’s not entirely true.
If your servers are hosted in a multitenant environment along with a bunch of other servers belonging to other organisations (which is usually the case in a public cloud), your servers could be at risk of collateral damage. If those other servers (note: not yours) are bombarded by a DDoS attack and your cloud service provider (CSP) attempts to absorb the attack, your own servers, which share the same underlying infrastructure with those other servers, could also suffer.
Love it or hate it, IT departments cannot prevent users from engaging with Wi-Fi networks; the convenience factor is simply too high. The IT security risks are real, however, whether your users are roaming – or using Wi-Fi where you have some control over internet security, such as the office space. It is also an evolving threat, with the gold standard of Wi-Fi security, WPA2, losing its shine. In this article, we discuss the next generation of Wi-Fi security, WPA3, and the measures you should currently be taking to boost your company’s Wi-Fi security.
The cyber threat landscape continues to evolve and in order to maximise your cyber security budgets and position resources where they are most needed, you need to know what threats are most likely to make an impact in the near future. To help you, we’ve put together a list of what we believe are going to be the top 4 cyber threats in the UK.