BURAK ACTIONS
- Mandatory 2 step authentication
- Check Abdul’s personal email security
- Firefox sync uninstall
- Lastpass
- Check g suite backups
- Phishing tests
- https://www.knowbe4.com/
Cyber Attack Stats
- 54% of UK companies hit by cyber attack
- Average cost of a cyber attack is 3k to 36k
- 96% of companies not confident can protect themselves
- Most common attacks by fraudulent email, impersonation and ransomware
- 76% of UK adults don’t know what ransomware is
- 56% of organisations hit by Ransomware paid ransom
- Global attack map: https://www.youtube.com/watch?v=bWXIJSiagBY
Ransomware
- A variant of malware
- Malware is malicious software
- Many different variants
- CryptoLocker, CryptoWall, Locky
- Multiple delivery methods
- Email, compromised websites, software vulnerabilities
Phishing
- Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details
- These attacks are untargeted and generally sent out to a huge number of recipients at one time
- Often directs users to enter personal information at a fake website
CEO Fraud / Whaling
- Impersonating a senior officer, bosses etc to order a fraudulent bank transfer
What is social engineering?
- A type of confidence trick for the purpose of information gathering, fraud or system access
- It is often one of many steps in a more complex fraud scheme
- Targets employees, not IT systems
- Employees often do not see themselves as part of the organization information security effort
How to stay protected
- Risk management regime
- Develop an appropriate risk management regime
- Ensure this is supported by the board and senior managers
- Clearly communicated approach
- Secure configurations
- Identify core business technology
- Develop strategy to remove old technology and services
- Introduce a patching policy
- This will reduce the risk of compromised systems
- Network security
- Protect your networks from attack
- Filter internet access
- Update default passwords on your network devices
- Consider your data location and how you (or attackers) can access it
- Managing user privileges
- Develop a process of granting access to data
- Review current access levels
- Does everyone have access to everything?
- Monitor user’s activity on the network and key systems
- Audit the logs of your network and key systems
- User education and awareness
- Review staff’s current cyber security awareness levels
- Introduce cyber security awareness training
- Both for new and existing staff
- Develop a security conscious culture
- Incident management
- Establish an incident response and DR capability
- Test your backups and DR plan
- Review your current downtime and decide if this is appropriate for your business
- Report criminal incidents to law enforcement (police / action fraud)
- Malware prevention
- Establish malware protection across your network
- Ensure this is on all your devices
- Ensure this is regularly updated and regular scans performed
- Make sure on-access scanning is activated (the antivirus scans files as they are opened, not only during scheduled scans)
- Monitoring
- Continuously monitor all systems and networks
- Analyse logs for unusual activity that could indicate an attack
- Establish a monitoring strategy and produce supporting policies
- BURAK: There is software that uses AI to define normal traffic, then alerts you to irregularities (e.g. if someone accesses folders other than the sales and marketing ones they usually use)
- Removable media controls
- Produce a policy to control all access to removable media
- Limit media types and use
- Scan all media for malware before importing onto the system
- BURAK: No USBs would be used
- BURAK: Autoplay needs to be turned off
- Home and mobile working
- Develop a mobile working policy and train staff to adhere to it
- Apply the secure baseline and build to all devices
- Protect data both in transit and at rest – encryption is an option for this
- BURAK: Consider VPN
- BURAK: Do company laptops have antivirus on them?
Small Business Cyber Security Steps
- From the national cyber security centre
- Focused on SMEs
- This advice will significantly increase your protection
Backing up your data
- Tip 1: Identify what data you need to backup
- Tip 2: Keep your backup separate from your computer
- Tip 3: Consider the cloud
- Tip 4: Make backing up part of your everyday business
Protecting your organisation from malware
- Install and turn on antivirus
- Prevent staff from downloading dodgy apps
- Keep all your IT equipment up to date – patching
- Control how USB drives (and memory cards) can be used
- Switch on your firewall
BURAK: G Suite backups – backup of cloud
Onedrive, dropbox, 365
StorageCraft – sold only through channel partners (IT companies)
https://www.backupify.com/gsuite-backup
https://www.getapp.com/it-management-software/a/backupify/pricing/
Keeping your smartphones and tablets safe
- Switch on password protection
- Make sure lost or stolen devices can be tracked, locked or wiped
- Keep your device up to date
- Keep your apps up to date
- Don’t connect to unknown wifi hotspots, or at least use VPN
- Smaller wifis like coffee shops etc are not secure
Ghostery (browser extension)
Vendor description: Ghostery helps you browse smarter by giving you control over ads and tracking technologies to speed up page loads, eliminate clutter, and protect your data.
Using passwords to protect your data
- Make sure you switch on password protection
- Use two factor authentication for important accounts
- Avoid using predictable passwords
- Help your staff cope with password overload
- Change all default passwords
Mobile device management
Corporate container
EMM
https://en.wikipedia.org/wiki/Enterprise_mobility_management
Use the landline number from a mobile app
People calling the landline will be directed to the mobile phone
Or you can call from the mobile and the customer will see your landline number
Domain password criteria
Must contain a minimum number of characters, with a mix of letters, numbers, etc.
Use password managers
https://www.lastpass.com/multifactor-authentication
Backup and disaster recovery
- Ensure you have a robust backup and DR strategy
- Test your backup on a schedule
- Recommended testing backups for file recovery monthly
- Recommended testing DR every six months
- Review RTO and RPO for your backup system
RTO and RPO?
- RPO: Recovery point objective
- RPO: how much data, measured in time, can you afford to lose? In other words, how far back in time may the most recent restorable backup be?
- RTO: Recovery time objective
- RTO: how long can your business afford to be down before systems are restored?
- Both are important, separately measured and unique to each business.
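The two objectives above only mean something once you measure what your backups actually achieve. The following is an added example, not part of the original notes: it audits a constructed backup job log and a set of restore-drill timings against assumed RPO and RTO values. Only successful jobs count towards RPO, so a single failed nightly run doubles the data-loss window, and the gap from the last good backup to "now" is included so a job that has quietly stopped running is caught too.

```python
"""Added example (not from the original notes): turning RPO/RTO into numbers
that can be checked against a backup job log.

  achieved RPO = longest gap between consecutive successful backups
                 (plus the gap from the last success to `as_of`, if given)
  achieved RTO = longest time a restore drill took

The job log, drill timings and objectives below are constructed for the demo.
"""
from datetime import datetime, timedelta

# Constructed backup job log: (finished_at, status). The failed job on
# 03-03 widens the data-loss window for that day from 24 h to 48 h.
BACKUP_LOG = [
    ("2024-03-01 02:00", "success"),
    ("2024-03-02 02:00", "success"),
    ("2024-03-03 02:00", "failed"),
    ("2024-03-04 02:00", "success"),
    ("2024-03-05 02:00", "success"),
]

# Constructed restore-drill durations in minutes (monthly file-recovery tests).
RESTORE_DRILLS_MIN = [45, 60, 210, 50]

# Objectives the business set (assumed values for the example).
RPO = timedelta(hours=24)
RTO = timedelta(hours=3)


def _parse(ts: str) -> datetime:
    return datetime.strptime(ts, "%Y-%m-%d %H:%M")


def achieved_rpo(log, as_of=None):
    """Longest gap between good backups; None if fewer than two points."""
    ok = sorted(_parse(t) for t, status in log if status == "success")
    points = ok + ([_parse(as_of)] if as_of else [])
    gaps = [later - earlier for earlier, later in zip(points, points[1:])]
    return max(gaps) if gaps else None


def achieved_rto(drills_min):
    """Worst observed restore time; untested restores give no evidence."""
    return timedelta(minutes=max(drills_min))


def audit(log, drills_min, rpo, rto, as_of=None):
    """Return a list of findings; an empty list means both objectives are met."""
    findings = []
    worst_gap = achieved_rpo(log, as_of)
    if worst_gap is None or worst_gap > rpo:
        findings.append(f"RPO missed: worst gap between good backups is "
                        f"{worst_gap}, objective {rpo}")
    worst_restore = achieved_rto(drills_min)
    if worst_restore > rto:
        findings.append(f"RTO missed: slowest restore drill took "
                        f"{worst_restore}, objective {rto}")
    return findings


if __name__ == "__main__":
    for finding in audit(BACKUP_LOG, RESTORE_DRILLS_MIN, RPO, RTO,
                         as_of="2024-03-08 09:00"):
        print(finding)
```

Run it against a real job log and the output is the list you take to the business when asking whether the current downtime and data-loss windows are acceptable.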
If security is tedious or difficult, people will not use it. It needs to be convenient
Password Manager
- They give you huge advantages in a world where there’s far too many passwords for anyone to remember.
- They make it easy for you to use long, complex, unique, passwords across different sites and services with no memory burden
- They are better than humans at spotting fake websites, so they can help prevent you falling for phishing attacks
- They can generate new passwords when you need them and automatically paste them into the right places
- They can sync your passwords across all your devices, so you’ll have them with you whether you’re on your laptop, phone or tablets
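What a password manager does for the domain password criteria and the phishing point above can be shown in a few functions. The following is an added example, not code from the original notes or from any password-manager product: the policy thresholds, the tiny known-bad list and the example.com URLs are all assumptions. It checks a password against a policy, generates one from the operating system's CSPRNG, and, the part that beats humans at spotting fake sites, only autofills when the current host matches the saved host exactly.

```python
"""Added example (not from the original notes): the three jobs a password
manager does, written out.

  check_policy()      enforce a password policy (length, character classes,
                      not on a known-bad list); thresholds are assumed values
  generate_password() draw from the OS CSPRNG (secrets), never random.random
  should_autofill()   fill only when the current host exactly equals the host
                      the credential was saved for; lookalike domains fail
"""
from __future__ import annotations

import math
import secrets
import string
from urllib.parse import urlsplit

# Constructed policy values for the example; a real policy is set centrally.
MIN_LENGTH = 12
MIN_CLASSES = 3  # out of: lowercase, uppercase, digits, symbols

# Constructed stand-in for a breached/common-password list.
KNOWN_BAD = {"password", "password1", "qwerty123", "letmein", "welcome1"}

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def check_policy(password: str) -> list[str]:
    """Return the list of policy violations; empty means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ])
    if classes < MIN_CLASSES:
        problems.append(f"uses {classes} character classes, need {MIN_CLASSES}")
    if password.lower() in KNOWN_BAD:
        problems.append("appears on the known-bad password list")
    return problems


def generate_password(length: int = 20) -> str:
    """Uniformly random password from the CSPRNG, retried until it passes policy."""
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_policy(candidate):
            return candidate


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def should_autofill(saved_url: str, current_url: str) -> bool:
    """Fill only over https and only when the hostnames are identical.

    A person reads 'accounts.example.com' inside
    'accounts.example.com.evil.test' and trusts it; exact comparison does not.
    """
    saved, current = urlsplit(saved_url), urlsplit(current_url)
    if current.scheme != "https":
        return False
    return saved.hostname is not None and saved.hostname == current.hostname


if __name__ == "__main__":
    for pw in ("Password1", "Tr0ub4dor&3xyz!", "correct horse battery"):
        print(f"{pw!r}: {check_policy(pw) or 'OK'}")
    new_pw = generate_password()
    print(f"generated {new_pw} ({entropy_bits(len(new_pw)):.0f} bits)")
    print(should_autofill("https://accounts.example.com/login",
                          "https://accounts.example.com.evil.test/login"))
```

The autofill rule is the whole anti-phishing benefit: the manager never has a credential for the lookalike host, so nothing is offered, whereas a person typing from memory will happily enter it.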
Sites that support 2 step authentication
Cyber essentials
https://www.cyberessentials.ncsc.gov.uk/
- Secure configurations
- Close accounts which are not used
- Remove software you don’t need
- Change all default admin passwords to strong passwords
- Disable autorun features
- Boundary firewalls and internet gateways
- Needed on office devices
- Needed on home office devices
- Change default passwords to strong ones
- Access control and admin privilege management
- Do not use admin accounts day to day
- Use strong admin passwords
- Do you have a list of who holds admin privileges?
- Patch management
- Correct licences for your software (licensed and supported, so it still receives patches)
- Set to update automatically
- Receiving security patches
- Malware protection
IASME Governance
https://www.iasme.co.uk/the-iasme-standard/
Cyber Essentials
https://www.cyberessentials.ncsc.gov.uk/

I’m founder and director of The Digital Agency; a certified Google Partner and Shopify Partner digital marketing agency operating in London and Istanbul. The Digital Agency has a solid track record of delivering high growth in eCommerce, Facebook & Google advertising, social media communication, search engine optimization, eCommerce and website production through 16 years of experience with 140 brands in 500 projects. Visit The Digital Agency here