Always on the look-out for sizeable data sources they can compromise, cyber attackers are creative and resourceful individuals who often strike when least expected. For example, weekends are one of their favourite times, when incident response time is minimised by people not being at work, such as in the case of WannaCry in May this year. Equally, we’ve seen many businesses believed to be ‘safe’ at the centre of a cyber attack stories.

The problem is, no organisation, regardless of its size, public image, or financial weight, is on the safe side nowadays. Any institution, be it public or private, that holds a significant amount of confidential data, including medical records or financial information, is a sought-after target. From universities to small businesses to banks, all organisations are at risk.

However, many people believe they are not a ‘high value target’ for identity thieves – such as students, for example, who consequently have rather minimal knowledge on how to protect themselves online. As a result, we’ve seen UK students being targeted by fraudsters in the run-up to the new academic year with a fake email scam claiming that their Student Loans Company (SLC) accounts have been suspended.

Who is ultimately responsible?

The question is: Does the responsibility to safeguard individuals’ online assets lie within the organisation? Or is each of us responsible for the security of our own data online?

A simple answer would be: both. Employers, training providers - anyone who stores and deals with customer and employee data has to think of ways they can protect it from cyber threats, as well as raise awareness amongst staff. Equally, individuals are responsible for safe browsing.

Phishing is still the most successful attack vector for cyber criminals. Humans are inquisitive by nature so even though they aren’t necessarily expecting an email on their finances from their bank, for example, they will still open it to ‘see if it is for them’. This can result in their machine being compromised with ransomware or a banking Trojan and more than likely added to a botnet.

The spam campaign authors understand traditional security platforms and know how to evade spam filters with improved phishing emails that are more and more difficult to spot. When confronted with this, users are advised to report fraudulent emails to ActionFraud, the National Fraud & Cyber Crime Reporting Centre, as they have the authority to act.

However, at an organisational level, there are various steps companies can take to ensure they educate their employees and customers, and also have the correct technological capabilities in place. Below is a list of top do’s and don’ts colleges, training providers and employers should follow to protect themselves and their staff from cyber fraud.

Do’s

  1. Encourage employees and customers to use strong passwords and a password manager if necessary.
  2. Use a client side Virtual Private Network (VPN) such as Freedome to ensure network security within the organisation.
  3. Add privacy to social media accounts and encourage the same practice across the organisation.
  4. Enable two factor authentication on emails and click-to-play for Adobe Flash or remove it altogether.
  5. Use an adware scanning tool and scan devices on a regular basis to track cookies or other malware not identified by the firewall software.
  6. Patch company devices and install firewall software. Needless to say, keeping devices up-to-date is a must.

 Don’ts

  1. Educate employees to never follow an offer, such a free iPhone, that seems too good to be true. It will be a scam!
  2. Similarly, employees must know to not click on attachments unless they’re sure they are for them.
  3. Never use a free public Wi-Fi to log into company accounts.
  4. Don’t follow links in emails, particularly suspicious ones; always type the URL in a browser.
  5. Don’t install software/utilities from an unknown source, as those tools may install spyware on the device.
  6. Don’t ignore warnings generated by the firewall or other security solutions (don’t follow links to pages highlighted by the firewall).

Ultimately, a good user education programme for staff on the dangers of email would go some way to reducing this risk. We live in a digital era, when using emails is the new norm, and employees of all ages should be taught how to protect themselves online. We’re being exposed to a new wave of threats today compared to 50 years ago, and adaptability is key.

Bryan Campbell, Senior Security Researcher at Fujitsu UK & Ireland

Fujitsu Newsroom Strap

 

You may also be interested in these articles:

Register, Login or Login with your Social Media account:


Director of Advanced Technologies in STEAM

Morgan Hunt are delighted to be working in partnership with Barking & Dagenham College to appoint a Director of Advanced Technologies in STE...

Salary : Up to £68000 per annum + Benefits


Telemarketing Executive

Contact centre / Telemarketing Executive - Manchester - £21,000 with OTE of £32,000 plus excellent benefits and bonus package / 27 days h...

Salary : Up to £21000 per annum + OTE


Apprenticeship Assessor - Health & Social Care - North East

In a nutshell We have an exciting, life-changing opportunity for a passionate person to join our pioneering business as a Health and Social...

Salary : Up to £22965 per annum


French Lecturer

Protocol are working with an FE college based in Shropshire and are looking to recruit for a French Lecturer to run 2 evening classes per we...

Salary : Up to £17 per hour + Plus Statutory Holiday Pay


Cyber Secruity Training Programme Manager - UK

Alderwood are recruiting on behalf one of the World's leading Cyber Security & Defence companies, who are looking to appoint a UK based Cybe...

Salary : Up to £65000 per annum


DAILY NEWS2

SOUNDBITES2

FE News gives you the latest breaking news and updates on emerging education strategies and the #FutureofEducation.

Providing trustworthy and positive news and views since 2003, we publish exclusive peer to peer articles from our feature writers, as well as publishing user content from our network of over 2000 contributors, offering multiple sources of news across the Education and Employability sectors.

FE News also ‘shoot’ video interviews and news bulletins so you receive the latest developments in Skills News and across the Apprenticeship, Further Education and Employability sectors.

 RSS IconRSS Feed Selection Page