Cyber Risk Aware Blog

The Cost of FREE Public WiFi

[fa icon="calendar'] 15-Mar-2019 14:43:40 / by Jennifer Nwaigwe M posted in CyberCrime, Phishing, Security awareness, Social Engineering, Accidental Cybersecurity Leaks

Everything has a cost, and that does not exclude free public WiFi connections.

Read More [fa icon="long-arrow-right"]

Ransomware Prevention!

[fa icon="calendar'] 13-May-2017 12:41:13 / by Stephen Burke posted in CyberCrime, Phishing, Ransomware, Data Protection, Phishing Simulation, securty awareness training

A widespread cyber attack has been coming folks, and many security professionals are attempting to increase awareness for staff and companies.

Two days ago I shared an article from AIG that stated "systemic cyber attacks" were expected this year across several sectors, including healthcare.

Read More [fa icon="long-arrow-right"]

What is CEO Fraud, and How to Prevent It

[fa icon="calendar'] 05-May-2017 08:58:37 / by Stephen Burke posted in CEO Fraud, CyberCrime, Phishing, Social Engineering

 Imagine going away on holiday and returning to find that in your absence your business bank account has been drained. When you ask your accountant, they are mystified - you gave the order for the transfer.

It may sound like the plot of a blockbuster thriller, but it's the scenario that has faced hundreds of business owners whose employees have fallen prey to CEO fraud.

Read More [fa icon="long-arrow-right"]

CyberRiskAware in the News

[fa icon="calendar'] 13-Jan-2017 10:13:46 / by Stephen Burke posted in CyberCrime


TRISH DROMEY: Irish start-up targets online fraud

Read More [fa icon="long-arrow-right"]

Human error: the frontline of enterprise security

[fa icon="calendar'] 05-Nov-2016 00:54:24 / by Stephen Burke posted in Human Error, CEO Fraud, CyberCrime, Risk

It might uncomfortable to admit, but employees are the weakest link in any security fence. Cybercrime is a booming business and hackers will try to compromise an organisation using the easiest route: human error.

Last year, a study from CompTIA showed that 52% of the time, human error is the root cause of security breaches. It's not surprising either: employees lazily glance over security policies, share information with people they shouldn't, haphazardly click on phishing links and in the worst, but rare, cases, intentionally sabotage their company.

Supermarket giant Morrison's knows this only too well. It was a disgruntled former employee that leaked the payroll data of nearly 100,000 of his erstwhile co-workers. The supermarket chain is now being sued by thousands of its employees for failing to protect their data.

More often than that though, employees breach their own security out of the goodness of their own heart. Security policies can be cumbersome, seemingly arbitrary things. Employees that want to do a good job, and do it quickly, will often try to circumvent practices that slow down the workflow. This may involve sharing a document with somebody outside the organisation, or even worse, storing passwords and login credentials in plain text so they don't have to remember the array of different passwords needed to log in to office accounts.

It's not just the rank and file that are vulnerable. The recent threat landscape has shown that CEOs are just as vulnerable to human exploit as anyone else. A 'Whaling attack' is type of CEO fraud which targets executive members of an organisation using researched, personalised emails. Hackers will often trick a company's CFO into handing over fistfuls of cash to someone who seems like an employee, but is actually a cybercriminal.

For a human problem, there isn't necessarily a technical fix. Educating employees will always be the best way to ensure your organisation doesn't fall prey to a breach borne of human error. Employees have to know how to spot a phishing email, who they can and can't share files with and what information they can safely publish online.
Read More [fa icon="long-arrow-right"]