When Cyber attacks and Phishing Go To Far
11 April 2016
Despite the recent spate of multiple, widely publicised cyber attacks that have resulted in the direct loss of personal, corporate and financial data, most companies still do not adequately protect themselves against this kind of attack. Although we are seeing an upward trend, board members and company executives are still downplaying the threat, ignoring it entirely, or simply do not understand the very real danger that these types of cyber attack pose to intellectual property, reputation, revenues and employees.
Customer perception of your secure, stable brand is paramount, regardless of your industry or the vertical your brand falls into. We must all recognise that defence against cyber attacks is no longer the sole responsibility of a company's IT department; it is in fact a shared responsibility, all the way from the boardroom to reception. Board members must drive internal security policies regarding cyber attacks forward, alongside introducing staff tarining. This should be carried out with the aim of changing the prevailing culture regarding cyber security, especially as CEOs tend to be held accountable when a major data breach occurs.
While a strong human firewall against cyber attacks should be at the forefront of your security programme, you should also consider the digital footprint of corporate and personal information in the public domain. Attackers are increasingly crafting very sophisticated and targeted spear phishing emails, in order to achieve high success rates in terms of gaining access to sensitive data. By way of example, we have recently seen cyber attacks taking advantage of the Electoral Roll Register: where hackers craft phishing emails that reference your home address in order to appear genuine, dissuading any suspicion in the process.
The popular idiom “What you don’t know won’t hurt you” no longer holds true. Remain vigilant by carrying out regular open source intelligence searches on your company and employees from a hacker’s perspective, in order to gain an understanding of what a potential attacker could exploit. Ultimately, your effectiveness in handling and containing cyber attacks is paramount to the ongoing wellbeing of you and your organisation.Receive our monthly newsletter