Archive for May, 2016

No one wants to announce a security breach

Tuesday, May 31st, 2016

Telling the world (or just your clients) that you’ve had a security breach is embarrassing and it has a huge effect on people’s confidence about your business. LinkedIn just announced such a breach and it spells nothing but trouble.

Screen shot 2016-05-31 at 10.50.08“On May 17, 2016, we became aware that data stolen from LinkedIn in 2012 was being made available online. This was not a new security breach or hack. We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach.”

LinkedIn Trust & Safety Team

For an organisation that makes its living from the exchange of personal data, this is a serious issue. It means that everyone on the business networking site, all of whom have been notified of this situation, will be rethinking their membership (and if they’re not, they should be). We’re not saying ‘leave LinkedIn’ but what we are saying is that LinkedIn should enforce regular password changes and take every step possible to prevent this happening again.

LinkedIn has 433 million members – that’s a lot. That’s also a lot of data to be unsecured. The data affected was email addresses, passwords and member IDs. Hackers don’t always target such high profile sites, they go after any site randomly – accessing information, placing hidden links, installing hidden ‘back doors’ to your site and adding malware to infect your visitors. We were handed a problem website recently only to find 55,000 hidden links in a 100-page site.

Don’t risk your own security, no matter what size of business you are.

Don’t risk having to tell all your clients that their data has been exposed.


Are you safe from computer hackers?

Thursday, May 12th, 2016

Some scary numbers here…

Two thirds of large UK businesses experience computer hacking
Nearly seven out of ten attacks on all firms involved viruses, spyware or malware.
Record £1.9bn government investment to protect UK but industry must act to help protect themselves

And the new National Cyber Security Centre will launch in the autumn 2016.

Britain’s businesses are being urged to increase protection from cyber criminals after government research into cyber security found two thirds of large businesses experienced a cyber breach or attack in the past year. The research also shows that in some cases the cost of cyber breaches and attacks to business reached millions, but the most common attacks detected involved viruses, spyware or malware that could have been prevented using the Government’s Cyber Essentials scheme.

The Cyber Security Breaches Survey found that while one in four large firms experiencing a breach did so at least once a month, only half of all firms have taken any recommended actions to identify and address vulnerabilities. Even fewer, about a third of all firms, had formal written cyber security policies and only 10% had an incident management plan in place.
Minister for the Digital Economy Ed Vaizey said: “The UK is a world-leading digital economy and this Government has made cyber security a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber-attacks. It’s absolutely crucial businesses are secure and can protect data. As a minimum companies should take action by adopting the Cyber Essentials scheme which will help them protect themselves”.

Results from the survey are being released alongside the Government’s Cyber Governance Health Check, which was launched following the TalkTalk cyber-attack. It found almost half of the top FTSE 350 businesses regarded cyber-attacks as the biggest threat to their business when compared with other key risks – up from 29 per cent in 2014.
The Government’s Cyber Governance Health Check also found that:only a third of the UK’s top 350 businesses understand the threat of a cyber-attack; only a fifth of businesses have a clear view of the dangers of sharing information with third parties; and many firms are, however, getting better at managing cyber risks, with almost two thirds now setting out their approach to cyber security in their annual report.

Both surveys form part of the Government’s rigorous approach to tackling cyber-crime, which will see £1.9 billion invested over the next five years.
The Government is encouraging all firms to take action: the 10 Steps to Cyber Security provides advice to large businesses, and the Cyber Essentials scheme is available to all UK firms. The Government is also creating a new National Cyber Security Centre offering industry a ‘one-stop-shop’ for cyber security support.
A new national cyber security strategy will also be published later in 2016 setting out the Government’s plans to improve cyber security for Government, businesses and consumers.

Take the next step, call us today
0121 794 0685