It only takes one lapse in concentration, or one time you assume it’ll “just be fine”, to open yourself, or your business, up to opportunist cybercriminals who are waiting for you to make that small error of judgement.
Having worked from the other side of cybersecurity from his time in the military, Bravo Group’s Information Security Manager, Paul Thomas, recognises the risks better than anyone. But with so many ways in which a cyber attack can be engineered, where do you start in protecting against it? Paul suggests three areas which would be a good start.
“If you access an open wi-fi spot, every keystroke you make could be seen by cybercriminals. The tools needed to intercept this data are easy to use and cheap to buy, so assume that there could be someone close by attempting to steal your data at any one time.
If you’re just browsing that’s not so bad as you’re not giving away any critical information about yourself. But if you’re looking to enter information such as a password or bank details, wait until you’re back home on a secure network.
Using your 3G or 4G data is a little more secure as the equipment needed to intercept this is more expensive and difficult to use, but can still be vulnerable to attack.”
“Criminals are getting smarter with their tactics. For instance, they may hide a link in an unsubscribe button in a genuine-looking email. You might get emails from people you know, or organisations you recognise, such as TV licensing or the Post Office, and they look real.
My advice is, never trust a link. If you’re not sure, check the website independently and not through the email to see if you can find information linking to what’s in the email and identify whether or not it’s genuine.”
“This is a small speed bump for us but a massive hurdle for cyber-criminals. When you have your login verified on a separate device, such as via an app on your phone, it increases your security massively.
The benefits are as such that multi-factor verification is going to become more and more common and will probably be a pre-requisite in any new business contracts.
It may be more convoluted if you don’t have a smartphone, as an app is definitely the easiest way to use this process, but you can get passcodes via text messages or even a token, so not having a smartphone needn’t be a barrier.
Some people may be concerned about sharing their mobile phone data, but the data they’re protecting in doing so makes this worthwhile. The providers aren’t interested in sharing your number or bombarding you with marketing and I’d be very surprised if this were the case.”
Sign in to Bravo TV to watch our interview with Paul Thomas in full.
For further information on how to step-up your security and for signposts towards official guidance on protecting yourself and your business online, download our Cyber Security pack.