Cybersecurity is not my cup of tea
Turns out being played is shameful; something not to talk about or admit. This is indeed one of the factors that are used to actively breach security protocols. Cybersecurity is not my cup of tea.
Well, actually, unless you have had your head in a bucket, it is! A security researcher talked about the public like a shoal of fish being hunted by sea lions. There are a lot of bad guys, and YOUR KIND exists in vast numbers. What if you could rob 1% of all the people for €300 euros and shame everyone so that they keep their mouth shut… Like taxes, it amounts to huge sums, and people get upset when new taxes are introduced.
So why don’t people consider paying off the mob, a problem?
Turns out being played is shameful, something not to talk about or admit. This is indeed one of the factors that are used to actively breach security protocols.
Why invest in hacking security systems to acquire passwords when you can just call and ask for it.
Who wouldn’t help a colleague who dropped his/her company credit card, who needed the password when locked out, or who needed urgent help with a distant, previously unknown family member in dire need?
People don’t fall for these scams because they are stupid, but because the “bad guys” are professionals and exceedingly good at what they do. Like the average telemarketing professionals, they come in great numbers. But who would buy new phones from a telemarketer… well, more than enough to make it profitable. The same goes for the “telemarketing” guys working in criminal activities as a regular day job!
We need to talk about it and keep in mind that “it is not paranoia if they are actually after you” So, what does all this come down to.
|
|
If you are unsure. Hang up the phone, end the conversation; you don’t need to tell why! |
|
|
If you are unsure about an e-mail, don’t click any links, ask a colleague and if you are still unsure, delete the mail. I have personally gotten several e-mails where I really do not know if they are legit or not.
|
|
|
Everything that sounds too good to be true… is too good to be true? |
|
|
Never give up your passwords, Bank-ID (Swedish) or financial information over the phone. Verify with colleagues or talk to a manager. Is this really OK? Call back after confirmation using proper channels.
|
|
|
Be vigilant and remember that sometimes it is better to keep your mouth shut. Still, if you see or hear something that does not add up; don’t keep it to yourselves. You might just save the day! |
OK; so, security is my cup of tea, in fact, it is everyone’s cup of tea!
An interesting post from https://tryhackme.com/resources/blog/cyber-security-the-cost-of-human-error who provide cyber security education but have no connection with us states that:
95% of all security breaches are successful due to unintended actions, or; lack of actions partly because of poor or non-existent training and poor insights into why security is important. There are many risks you may consider, including:
|
|
Weak passwords: The famed “!” just doesn’t cut it. I suggest using separate passwords for different systems and using a single AND encrypted password manager to sign in.
|
|
|
Devices that are not updated: This applies to computers, smartphones, pads, stereos, cameras, the toaster, the fridge, smart speakers, the door locks. Update everything, and I really do mean everything.
|
|
|
Think! Do not run cheap connected webcams in the same Wi-Fi as your computers. A US bank was, for the record, hacked due to a connected thermostat for their fish tank.
|
|
|
Segment and divide. Why do you need access to all company files and not just to the things you actually use? As a manager, I do not require access to our company’s code repositories and for the record, I do not feel locked out or not trusted.
|
|
|
Talk to and listen to what cybersecurity professionals tell you. They’re not there to make your life difficult but to make sure you have a job left; should your company be attacked.
|
|
|
Educate yourself and you will stand a good chance warding of problems.
|
|
|
Use software from companies that take security seriously! Good technical solutions like ProVide Server for file management or systems integration exist, but they do require that the organization takes security seriously. The same applies to a bicycle helmet, it looks stupid, it is utterly useless if you do not wear it. But if you are hit, you protect the things that are valuable.
|
But who are we to have a say in this?
Farsight Tech Nordic AB develops and maintains secure and sustainable IT solutions for growing companies. We love when people and organizations grow. Secure means presenting relevant and accurate data to users when they need it, making sure that the data is safe, has not been tampered with and that it is available only to the people that have access. Sustainable on the other hand means the solutions we implement should be easy to manage and maintain given that technology and the world around us is constantly changing.
It is a dangerous world, but the possibilities are endless. Have a cup of tea with us and we’ll take off from there!
You can also find out more about us and our company here: https://www.farsight.se/en/solutions/
About Farsight Tech Nordic
Farsight is a Swedish IT development partner that makes people and organizations grow! We are your ”go-to-guys” regarding all your IT systems, technology and IT-security subject matters. At the same time, we are local community builders and ensue a sound labour market and good ethics. Our business is all about finding clever solutions for secure access, management and communication of business-critical information.
Contacts
Powered by Notified