About Andy Thomas

This author has not yet filled in any details.
So far has created 3 blog entries.

The Internet of Things: Security vs. Convenience

By |August 31st, 2016|

CSIDIn the past few years, we’ve seen the Internet of Things (IoT) take off, and there appears to be no slowing. A new report from BI Intelligence forecasts there will be 34 billion devices connected to the internet by 2020. Think: smart cars, fridges, thermostats, tvs, alarm systems and more. Simply put, this is the concept of connecting any device with an on and off switch to the Internet (and/or to each other).

Take the car industry for instance. We’ve seen a surge in new, connected functionality, like: Where your car is? How much fuel it has? And, the ability to control its air conditioning remotely. While connecting our world brings added convenience to our everyday lives, it opens up a broader discussion around what we may be sacrificing from a security perspective.

Remember last year when cybersecurity experts Charlie Miller and Chris Valasek demonstrated that they could remotely hijack a Jeep’s digital system over the Internet? Well, they are back at it again, but this time, they bypassed a set of safeguards deeper in the vehicles’ networks. While patches have since been implemented, our very own CIO Adam Tyler reminds us in our latest Firewall Chat’s episode that these devices are capable of the same risks we see with our laptops or smartphones.

“The fact that these devices are computers; highly advanced, highly intelligent, highly capable devices means that they run the same risks as those that we associate with our laptops and our phones.” Tyler said. “So just like exploits can be used to hack into your laptop, so too can these exploits be used to hack into these IoT devices.”

While the thought of a hacker gaining control of your fridge is perhaps less daunting than the idea of them taking control of your car, the reality is that these product may service as a gateway to more sensitive information.

So what can you do to stay secure? First and foremost, consumers need to be aware of the risks associated with using these devices. Read the privacy policies to understand how your data is stored, collected and transmitted. If passwords are used on the device, be sure you’re creating strong, long and unique passwords. Apply software updates when available to patch security vulnerabilities in the same way you do with your smartphone or laptop.

Learn more about the IoT in our recent podcast, and be sure to weigh in on Twitter or Facebook with your thoughts on security and privacy risks associated with the IoT.

As Social Media Usage Soars, How Can Your Business Mitigate Risk?

By |August 3rd, 2016|

social sharing mitigate riskThe Internet is dominated by social media sites, and Ofcom reported in 2015 that 72% of adult Internet users had some form of social media profile.

People are using social media to tell the world who they are and who they work for, posing a risk of a data breach for businesses. IBM have stated in their 2014 Cyber Security Intelligence Index report that cyber criminals are targeting employees on social media sites in a bid to exploit the businesses that they work for.

Amidst all of this, what can you do to try and prevent your business being attacked?

Plan

Be sure to have a breach preparedness plan in place in case of a cyber attack. This plan can help keep customer relationships intact and reduce business reputation damage. CSID can guide you through the necessary steps to mitigate the effects of a data breach and provide comprehensive identity theft protection products for those that have been affected. We customize solutions to your level of risk, the type of data exposed, the severity of the breach and your budget.

Educate

As the saying goes, ‘prevention is better than a cure’. The same can be said about cyber attacks. Educate your employees and highlight the importance of digital security. Have policies and guidelines in place to allow employees to make secure decisions.

Do your employees have a VPN they can use if working in a public area? Are there guidelines in place if your employees use their own devices for work purposes? Are employees allowed access to social media whilst on work premises? Ensure you can answer these questions.

Teaching employees about the latest phishing scams, best password practices and social media risks can help them better identify suspicious activity both personally and within your business.

Insure

Cyber insurance coverage is just one piece of the puzzle when it comes to data breach mitigation, but a robust policy can help weather the storm in the event a data breach occurs.

According to leading global insurance companies, such as Beazley and PwC, the demand for cyber insurance coverage is expected to increase 300% by 2020. Most commonly, a cyber insurance policy can help businesses temper the costs of the following breach mitigation activities:

  • Reputation management post-breach – eg. work with a PR agency
  • Legal costs, fines and compensation claims
  • Website reconstruction and intellectual property rights infringements
  • Network security liability such as damages for the loss of data on third-party systems
  • Service interruptions and related consequences
  • Notification of affected parties

We take a deeper dive into the topic of cyber insurance coverage in our recent podcast episode, where we sit down with Alessandro Lezzi from Beazley.

Do you want to share any of your best practice tips on how to stay safe online? Let us know on Facebook, Twitter or LinkedIn.

One of the worst habits of Internet users

By |June 8th, 2016|

shutterstock_226282561How many online accounts do you own? Your banking account, your shopping account, your smart phone account, the pizza delivery service… the list goes on.

It’s likely each one of these accounts require a username and password. Unless you have a superhuman memory, you’ve probably reused the same account credentials across several of them. This is one of the biggest mistakes that you can make online, and it can leave you — and the businesses you patronise — incredibly vulnerable to cyber attacks. Here’s why.

Say a hacker gains access to your online account with your hairdresser. You may not care if he knows about your appointment for a cut and blow dry at 10am on Friday with Emma, but he does care about the account credentials that he’s now in possession of. If you have used the same password for another online account that stores more sensitive information, such as your online banking account, he can now find out a lot more about you than just your hair preferences, and use that information as he pleases.

How does this common bad habit affect the businesses you patronise, or your place of work? If employees utilise their work credentials on personal online accounts and reuse the same credentials across multiple accounts — and one of those accounts is hacked — a business can be left exposed.

Besides kicking that nasty habit of account credential reuse, one of the easiest ways to reduce your online vulnerability is to utilize strong, unique passwords across your online ecosystem.

For the strongest passwords:

  • Make sure your combinations are at least 12 characters long, and are a cryptic combination of letters and numbers.
  • Take care to avoid your name, birthday, or pet’s name.
  • Create a unique password for each site.
  • Change your passwords a few times a year, and especially after being notified after a breach.
  • Implement two-factor authentication for sites whenever possible.

For more on this topic, listen to our latest podcast here or download our white paper, “Mitigating the Risk of Poor Password Practices,” here.

Load More Posts