What the Hack? September 2022

What the Hack? September 2022

.

Cyber Security Awareness Bootcamp

We all know cyber attacks are on the rise. But what is the biggest cyber risk? It’s us humans. Celebrate Cyber Security Awareness Month 2022 by joining Secon’s first ever Cyber Security Awareness Bootcamp.

With cyber crime on the rise (Check Point has reported a 32% growth in cyber attacks between 2021 and 2022, and Cybersecurity Ventures predicts cyber crime costs will grow by 15% per year over the next five years), cyber security awareness training is an important component of any organisation’s cyber security strategy.

That’s because although your employees are one of your greatest assets, they can also be your number one cyber risk. According to Kevin Mitnick, security consultant and famed hacker,

“Companies spend millions of dollars on firewalls, encryption, and secure access devices and it’s money wasted because none of these measures address the weakest link in the security chain: the people who use, administer, operate and account for computer systems that contain protected information.”

People who are unaware of common cyber security risks are more likely to disregard relevant policies and procedures, which could result in unintentional data disclosures or successful cyber attacks. However, employees who are cyber aware can quickly identify these threats, lowering the risk of cyber security incidents and preventing data breaches.

At Secon, we bring industry knowledge and people together to help businesses reduce their cyber risk. So, for Cyber Security Awareness Month, we’re delighted to announce we’ll be delivering a cyber security fundamentals bootcamp to help introduce the basics of cyber security awareness to your team.

In each bootcamp session, our team of experts will walk you through four critical areas of cyber risk and teach you how to practice cyber awareness in your daily routine. The bootcamp sessions will be offered on-demand from Monday each week and if you watch all four presentations, you’ll receive a certificate of completion from Secon.

As this is a special, condensed version of the cyber security awareness trainings we offer to clients, this bootcamp will be restricted to a limited number of registrants for Cyber Security Awareness Month. If you’d like join, please register today to secure your place.

Register now

The bootcamp will cover:

• Week 1 (10 – 14 October)

Phishing

Understand how you get phished, common phishing methods, how to spot a phishing email, and examples of recent phishing attacks

• Week 2 (17 – 21 October)

Digital hygiene

How to get the basics right, the importance of protecting your information online, and how to incorporate cyber security best practice into your daily life

• Week 3 (24 – 28 October)

Social engineering

What is a social engineering scam, common social engineering techniques, how to protect your digital footprint, and how to avoid becoming a victim

• Week 4 (31 October – 4 November)

Ransomware

How to prevent ransomware attacks and financial ruin, why email is your top ransomware threat vector, and ransomware recovery strategies

On-demand webinar Top 5 benefits of a consolidated Microsoft® Security strategy.

Organisations are spending more than ever on security and yet, the average time to detect and contain a breach is 287 days. The problem is, despite this increased spending, managing multiple siloed security tools is operationally intensive and can lead to missing early indications of compromise.

In this webinar, our Chief Security Evangelist, Andrew Gogarty, discusses the benefits of centralising your security with Microsoft® to reduce both complexity and cost.

Andrew also covers how Microsoft® Security has matured over the last few years, how it stacks up to other top security providers, and how you could replace up to 40 separate products with Microsoft®’s integrated, end-to-end security.

Watch this webinar today to learn about the benefits of a consolidated Microsoft® Security strategy, including:

• Integrated threat protection across cyber kill chain

• Reduced cyber spend from decommissioning third-party security tools

• Centralised visibility and automated response with Azure Sentinel

Watch now

Free phishing simulation tool

.

Do you know how many of your employees would fall for a phishing scam?

91% of successful data breaches start with a spear phishing attack.

We’re committed to making our connected world a safer place and helping everyone discover their cyber security vulnerabilities. Our partner KnowBe4 is offering this free phishing security test which lets you easily discover what percentage of your employees are Phish-prone™. This health check will also show you how you stack up against your peers with new phishing industry benchmarks.

Can you hack this?

Answers from August’s edition of our ‘Can you hack this?’ quiz:

1. How many cases did our SOC open in the last month?

Answer: Over 4600

According to new research, 80% of ransomware attacks can be traced to?

Answer: In Microsoft®’s second edition of Cyber Signals, they revealed that common configuration errors lead to 80% of ransomware attacks.

2. Featured question from the Secon team: Based on the majority of Cyber Risk Assessments Raymund Taylan, Senior Security Consultant, has been involved with, what do most organisations lack visibility and control over?

Answer from Raymund: Based on our CRA engagements and findings, most organisations who are on hybrid or on-prem setups lack visibility and control over Identity & Access Management. Without having full visibility and control over all risk areas, especially privileged access, this makes an organisation an easy target for threat actors as it gives them more time and remain undetected while they infiltrate the entire system, which ultimately leads to a data breach.

It’s recommended for organisations who are operating on-prem, hybrid, or cloud to extend their IT investments in securing identities and privileged access. To learn more about how you can effectively manage your privileged access and identities, please contact us and we’ll be glad to provide you with the best approach that suits your requirements.

This month’s questions:

1. What is the average ransomware payment in 2022?

2. According to the UK government, what percentage of micro and small businesses have a written incident management plan?

3. According to the National Cyber Security Centre (NCSC), what is the best way to prevent bad actors from spoofing your email?