The Cyber Awareness Round-Up 8/8/24
Bob's Business | The Cybersecurity Culture Company
Award-winning, industry-leading cybersecurity awareness and phishing campaigns to reduce risk in every organisation.
Hello from Bob’s Business! Welcome back to the Cyber Awareness Round-Up.
Since 2007 we have been leading the way in cybersecurity awareness e-Learning. Now, we're excited to bring you the latest news from the sector.
If you have any questions or would like to discuss further, please reach out. Our team is ready to provide engaging and cost-effective solutions to make your staff your strongest defence.
Contact us at [email protected], and our team will be ready to help you.
In this edition:
?? ICO considers fining software firm for NHS cyber breach
??Check that email carefully — experts warn anti-phishing tools in Microsoft 365 can be easily bypassed
?? Is your business ready for the inevitable cyberattack?
??Business Continuity and Cybersecurity: Beyond the initial Crowdstrike disruption, what can we learn?
??Data breach victims up by more than 1,000%
领英推荐
The fallout from the NHS cyber breach rumbles on. The Information Commissioner’s Office (ICO) is considering a £6.09 million fine for Advanced Computer Software Group following a data breach that compromised personal information of 82,946 individuals. The breach occurred via a customer account lacking multi-factor authentication, leading to a ransomware attack that disrupted NHS services and exposed sensitive data. While no data has been found on the dark web, the ICO stresses the importance of robust security measures and will finalise the decision after reviewing Advanced’s representations.
Experts have found that anti-phishing tools in Microsoft 365 can be easily bypassed, posing a risk to Outlook users. Researchers from Certitude demonstrated that the "First Contact Safety Tip" feature can be manipulated using CSS within emails, allowing phishing attempts to evade detection. Despite notifying Microsoft, the company has not yet addressed the vulnerability, leaving users potentially exposed to phishing attacks.
Nowadays it appears not to be a matter of if, but when... businesses must prepare for inevitable cyberattacks by enhancing their cyber resilience. The UK Government Cybersecurity Breaches Survey shows a rise in cyberattacks, with half of UK businesses affected in the past year. Companies should adopt zero trust principles, conduct regular security tests, implement smart and immutable data backups, and integrate data protection with emerging technologies. Proper planning, investment in robust data protection, and promoting good cyber hygiene are essential to minimise disruptions and ensure quick recovery from cyber incidents.
Business Continuity and Cybersecurity: Beyond the initial Crowdstrike disruption, what can we learn?
The CrowdStrike meltdown, caused by a faulty update file, led to widespread disruption, including the infamous "blue screen of death" on Windows systems. This incident underscores the importance of robust business continuity and cybersecurity measures. Businesses should prioritize thorough testing of updates, understand critical infrastructure dependencies, and implement proactive protection strategies. Learning from this event can help organisations minimise the impact of future cybersecurity threats.
Data breach victims have surged by over 1,000% in the past year, with the second quarter of 2024 alone seeing over one billion affected individuals. Major incidents, including those involving Prudential and Infosys McCamish Systems, contributed significantly to this rise. The increasing volume and complexity of cyberattacks make it crucial for organizations to adopt comprehensive, proactive cybersecurity strategies, often necessitating the support of third-party IT consultants to effectively manage vulnerabilities and enhance protection measures.
Thank you for reading! We hope you found this useful. Please feel free to share this newsletter far and wide.