When you think about AI, possibly the last thing you think of is its ability to help improve the Information Security of your organisation. Policies and procedures help form the foundations for your organisation's security posture. AI can make sticking to policies far simpler for staff and can help automate your procedures, making them more efficient and easier to stick to. Whilst the link below is from a company with a fair amount of skin in the game, it is helpful, bringing into focus what is possible and what is, these days, far more accessible to all. If you want to find out just what can be done for your own unique situation, reach out for a pressure-free chat. #AI #Microsoft #Cybersecurity #policies #procedures #continualimprovement
Aegis Security Consulting
Information Services
Directed IT Security. Maneuvering your security position to protect you against today's threats.
About us
Your organization is under attack. If you aren't aware of that fact, you need our help. If you aren't aware of the scale of that attack, you need our help. If you aren't aware of where this attack is coming from, you need our help. If you don't know how your systems or staff will react, you need our help. Aegis Security work with organizations to develop a security culture. You cannot manage what you are not aware of, and we help you become aware of what the threats to your organization are. Unflinchingly we make you aware of what is there, just waiting to take advantage of a drop in your defenses, and compromise your data. Once you are aware of the dangers, we can help you prepare your defenses through the implementation of processes, technology and the education of staff. Aware of, and prepared for the dangers that are lurking around every digital corner of the internet, we can bring reassurance by testing not only your perimeter and endpoints, but also your staff, ensuring they are prepared to identify and react to Social Engineering attempts. Giving you 360 degree protection against any attack that may threaten the confidentiality, integrity and availability of your data.
- Industry: Information Services
- Company size: 2-10 employees
- Headquarters: Bournemouth
- Type: Privately Held
- Founded: 2024
- Specialties: IT Security, Security Simulations, User Education, Security Testing, Security Culture, Automation, opinion, and News
Locations
- Primary: Bournemouth, GB
Updates
-
Business Email Compromise, or BEC, has been around for as long as businesses have been using email. With the proliferation of security measures and user recognition of such attempts to steal information and money, the number of BEC attempts that get through to the user's mailbox may have decreased. However, when there is money at stake, and when that amount of money is large enough, then just sometimes the malicious actors involved put in enough effort, and get just lucky enough, to be successful. To make sure that you and your staff don't fall for a BEC, there are a number of steps that you need to take. The first is the correct technical controls and measures to prevent as many malicious emails as possible reaching your inboxes. The second is good user education, training and testing, to make sure that if an email gets through the technical security measures, it will be recognised by the person it was sent to and reported, not actioned. The final step you need to implement is one of policy and procedure. The most common BEC is one that purports to be from a supplier, usually notifying you that they have changed their banking details, in the hope that when you next pay that supplier, it gets diverted to their bank account. A secure policy and procedure in place to address such requests will ensure that even if a malicious email gets through, and gets believed, the consequences of it will be neutralised. All of this needs to be part of every organisation's security playbook. If it's not in yours, come talk to us. We can help you address every aspect of your security, making sure you don't become a cyber breach statistic. #BEC #BusinessEmailCompromise #securityplaybook #cybersecurity
Carbon black supplier Orion loses $60 million in business email compromise scam
therecord.media
-
Following on from yesterday's post about the need for Multi-Factor Authentication (MFA), Australia's data protection regulator has blamed the 2022 cyber attack on the health provider Medibank on a lack of implementation of MFA. As a result of failing in this most basic of protective steps, the Medibank attackers leaked the data of almost 10 Million current and former customers. For the full details you can click on and read the report below, but if you take nothing else from this breach, take away the importance of implementing MFA and the power of the protection it provides. #MFA #cyberattack #healthcarehack #dothebasics #cyberbreach
Australian regulator blames lack of multi-factor authentication for Medibank hack
therecord.media
-
If there are 3 things you implement to protect your business identities then they should be MFA, MFA and MFA. In the Verizon 2024 Data Breach Investigations Report, 40% of breaches start with compromised credentials, either bought or brute force attacked. MFA would prevent over 95% of these attacks being successful. With more and more business resources being consumed off network, MFA really has become an absolute necessity to secure the identities used by your organisation and the data they can access. MFA solutions are now almost everywhere, and access to them has never been easier. Whether via the phone in your pocket or your Windows device, MFA can be set up to protect you should your credentials be leaked to the outside world. Need more information, or help deciding upon or configuring MFA? Come talk to us.
-
Any organisation's cyber defence is only as strong as its weakest link. As a number of very high profile companies and organisations have found out to their cost, this weakest link might not even be part of your organisation. Hackers and malicious actors have in recent weeks turned their sights to the supply chains of organisations. Perhaps 2 of the biggest victims in this have been Santander and the NHS in the UK. With Santander having upwards of 30,000,000 customer records compromised and offered for sale to the highest bidder, and a number of London hospitals pausing service, it is plain to see that no one is safe. So how are you protecting yourself from exposure such as this? Do you review the vendors in your supply chain? Do you confirm that they have the accreditations they say they do? Do you set strict guidelines as to what access they are granted to your data? And most importantly, do you manage what happens to your data when you part ways? If you haven't considered these points then perhaps you ought to, to protect yourself from becoming another statistic. The safety of the data created and used by your organisation is your responsibility. You may need to allow others to help in the storage or processing of that data, but you absolutely must make sure they are up to the task. #supplychainbreach #cyber #cybersecurity #highprofiletargets #protectandsurvive
-
Learned Helplessness. You might not recognise the term, but you can probably recognise the behaviour it relates to. When repeatedly faced with adverse situations with no control of the outcome, subjects can start to display acceptance of the situation and stop even attempting to avoid or overcome the adversity. At this point they are said to have learned helplessness. As a small business leader, the thought of battling against all the cyber threats out there can be daunting. Sometimes the security vendors don’t help with this feeling, telling you that you need their (expensive) product in order to protect yourself against the latest threats. In situations like this it can be easy to feel like you are just along for the ride, unable to afford the solution that will protect you, learning that helpless feeling and doing nothing in the face of the growing number of threats. We are here to break that feeling, to teach you that resistance isn’t futile. There are things you can, and indeed must, do to protect your business and data, irrespective of its size. We can teach you how best to configure what you already have in order to provide you the best protection, and you will learn that contrary to what you might believe, this doesn’t have to cost the earth. Unlearn any helplessness you might have, and let Aegis teach you that you can make a difference, and take control of your own protection. #cybersecurity #leanedhelplessness #cybersecure #leadership #smallbusiness
-
Always find time to stop and smell the roses. Excellent advice for those of us looking to survive modern life, but it also has a place for those of us involved in cyber security. Except in our case it would read, Stop and smell the request. IT support has found itself in the crosshairs recently. After all, why bother trying to extract a user's credentials when you can just contact their IT support provider and get them to reset the password for you? It may sound a little far-fetched but believe me, it has happened. Which is why you and your support teams need a secure procedure for any authentication reset requests. You need to stop, take a breath, analyse any request and then act. This was highlighted over the bank holiday weekend when just such a request came through. With a user working away from the office unable to get access to a 365 account, in part due to a password issue and in part due to a damaged phone being replaced and an authenticator app needing to be resynced, the course of action to get the user back up and running was straightforward and simple. However, was this really the user? The request coming through via a text message, late at night on a bank holiday, all started ringing alarm bells. Time to take a breath and think. Yes, the number that the text had come from was the user's work mobile number, but these things can be spoofed. Now of course you could be trusting and just reset the MFA and password and get the user logged back in. But what if it wasn't the user? You'd be giving a bad actor access to a live account and all the data and contacts associated with it. Luckily in this case, a quick phone call to the user meant they could be easily verified by their voice and the request was confirmed to be valid. That pause to double check the request was valid may have caused a delay in getting the user back into the system, but it also meant that we were safe in the knowledge that user credentials weren't being passed to a bad actor.
Always stop, take a beat, and analyse the request before taking action. #users #mfa #credentials #safeprocedures #cyberaware #cyberhygene
-
Cyber security is not known for providing an overabundance of feel-good moments. Quite the opposite in fact. However, last week did provide a moment of smugness for the team. You can't help but feel a little bit good with the systems you have put together when you get notification of an incoming email dropping into quarantine and see that the reason why is a malicious attachment. But then closer inspection shows the attachment is trying to use a vulnerability that was addressed in 2017. So even if the email with its attachment had made its way through, the PC used by the mailbox owner was patched, shutting down the vulnerability, and running malware detection using the latest engine and signatures. Oh, and the mailbox owner had passed all of the phishing simulation tests sent out over the last 6 months. It's one thing making it through another day without a breach, but seeing that the attempts are failing at the first of the many hurdles you have put in place is a different feeling altogether. #cybersecurity #malware #emailquarantine #feelingsmug
-
With the UK Government looking towards making the reporting of Ransomware attacks mandatory and introducing licensing rules for any ransom payments, whatever that would look like, it looks like finally they are trying to drag cyber crime out from the shadows and diminish the stigma attached to it, highlighting to companies hit that there are alternatives to paying up. The lack of reporting by companies when they get hit only helps those bad actors carrying out the attacks. Better visibility of the scale of the problem, along with understanding of how best to protect companies and recover from any attack has to be the way forward. #governement #cybersecurity #ransomware #cyberresponse
Exclusive: UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments
therecord.media
-
Cyber-security worries and solutions can seem distant to small and even medium sized businesses. Watch a webinar and the hosts are talking about dedicated teams of security analysts. Receive an email from a security software provider and it appears to be written in a foreign language. But whilst it may appear distant, the reality is that Cyber security needs to be something that every business considers and works towards addressing. Aegis was founded to help businesses effectively work towards securing themselves from the malicious actors out there looking to gain access to their precious data. From one-off engagements, assisting companies to recognise and address specific threats, through ongoing consultancy and even full Cyber security management, Aegis are ready to help businesses of all sizes become more secure and prevent them from becoming another statistic on a cyber security infographic. If you would like to hear how we can help you, please reach out to us. We promise to talk to you in a language you understand, with solutions tailored for and achievable by your organisation. #cyber #cybersecurity #cybersolutions #managedsecurity