Protecting your business from cyber threats
Did you know that cyber attackers can use publicly available information about your business and employees to make their attacks more successful? Information is often gleaned from websites and public social media accounts.
Did you know that cyber attackers can use publicly available information about your business and employees to make their attacks more successful? Information is often gleaned from websites and public social media accounts.
To make it more difficult for attackers to target your business, there are a few steps that you can take to prevent your business being so forthcoming with important data to assist a cyber-attack:
- ‘Meet the team’ pages: useful to add personality to your business but an absolute Pandora’s box for those with malicious intent! If an attacker has details of your employees they can use this to craft targeted phishing emails so limit this information where possible;
- Social media: LinkedIn and other social media accounts often provide information which attackers can use to find a “way in” to your business. Review the information on these sites and ask yourself if it is really necessary to post details about recent contracts won, suppliers your business uses and partners with your business. Think about the information you are posting and how it may be used against your business;
- Be aware of what others are saying about you: review what your business partners, clients, contractors and suppliers give away about your business online;
- Use of employee credentials for 3rd party sites: your business may use corporate email addresses to sign up for 3rd party services, such as employee benefit schemes, cloud storage providers etc. If these services are breached and employees reuse passwords across accounts, then this can be a big threat to your business. Leaked credentials can provide a simple way in for an attacker.
Be aware and if in doubt, err on the side of caution to prevent your business falling victim to the ever increasing cyber threat.
First published by Business Live on the 7th February 2020.
Related expertise
You may be interested in...
Legal Update
Understanding the ICO's new fining guidance
Legal Update
ICO consultation on accessing care records: A legal perspective
Legal Update
Cyber-attacks in UK universities: Why failing to prepare is no longer an option
Legal Update
Artificial intelligence – shaping a sustainable future
Press Release
Spring Budget 2024: Browne Jacobson reaction
Legal Update
Not quite a blanket ban on mobile phones in schools: DfE guidance insights
On-Demand - Shared Insights
Shared Insights: Sexual safety in the workplace — how leaders can help to create a sexual safety culture
Legal Update
LockBit unlocked: International taskforce takes down major cyber criminal organisation
Legal Update
Progress on the Automated Vehicles Bill
Legal Update
Data protection in higher education: what to expect in 2024
Legal Update
The rise of AI in construction
Legal Update
Government foreshadows significant savings for public bodies as part of data protection overhaul
Legal Update
ICO consultation on transparency in health and social care
Legal Update
How to mitigate risk in disputes arising from AI use in technology projects
Opinion
Monitoring workers – ICO guidance
Legal Update
CyberCube’s Global Threat Outlook: The evolving threat of cyber operations
Legal Update
A new digital safe space – How does the EU Digital Services Act affect insurers?
Legal Update
ICO consultation on fertility tracking apps
Legal Update
“TOBA traps” - general exposure risk under existing TOBAs
Published Article
UK: Legal issues with deepfakes
Legal Update
New guidance for employers on subject access requests published by the ICO
Legal Update
Ali Round 2 - High Court gives further guidance on causation and quantum for data breaches
Press Release
Browne Jacobson welcomes former ICO lawyer to support growing UK&I data privacy and tech practice
Legal Update
Update on data protection claims - Austrian Post Case
Press Release
Browne Jacobson launches specialist Ascensus programme for in house lawyers and business leaders
Opinion
Mopping up after a leak – how businesses can take steps to protect their confidential information
Legal Update
UK Government publishes the Online Safety Bill: an overview
Legal Update
Cyber security and data breaches
Legal Update
Update on the Digital Services Act (“DSA”) – Important Dates and Deadlines Looming
Legal Update
The rising number of cyber-attacks
Legal Update
The continued threat of piracy in Southeast Asian waters
Legal Update
Government publishes its proposals for expanding the Scope of the Network and Information Systems Regulations 2018
Legal Update
Protecting children and their data in the online environment
Legal Update
‘Big Game Hunting’ – the new face of cyber extortion?
Published Article
Bruce Willis AI and the problem with deepfakes
A deepfake of Bruce Willis is advertising Russian mobile phones. Many great artistic and metaphysical questions are raised by this performance. However, this article is going to look at the intellectual property law implications, from a UK perspective.
Legal Update
DSA approved: Targeted Advertising Rules explained
Legal Update
Economic crime and cybercrime
It is clear that the digital landscape, often termed cyberspace, is a man-made environment, in which human behaviour dominates and where technology both influences and aids our role in it — through the internet, telecoms and networked computer systems, which are often interdependent. The extent to which any organisation is potentially vulnerable to cyber-attack depends on how well these elements are aligned.
Legal Update
Let’s be direct – doubly so
Legal Update
The Ukraine War: Aviation and cyber issues
Legal Update
Data reform in the UK
Since the UK left the EU and are now able to move away from the EU data protection regime, the UK government have implemented a national data strategy with the aim of reducing the burden on organisations but maintaining a high data protection standard.