Focus Tech Insider
December 2023
Should your business follow Google’s security lead?
Google has introduced a new security strategy – but is it right for your business?
It has put some employees on a cyber diet, restricting their internet access to limit potential threats.
On the surface, it sounds like a smart move. Google’s approach is like building a taller fence around your house to keep out burglars.
By reducing internet connectivity, they’re effectively shrinking their digital footprint and making it harder for cyber criminals to find a way in.
But is it foolproof? Well, not exactly.
While this strategy does limit external threats, it doesn’t entirely eliminate the risk.
Think of it this way: you’ve built a towering wall around your house, but your teenager leaves the back gate open. Similarly, internal systems might remain connected to other devices that can access the internet, providing a potential entry point for cyber threats.
In other words, you can’t just focus on keeping things out.
Yes, there are very real threats from external hackers using all sorts of techniques like
phishing, zero-day attacks, and malware. However the security industry often overlooks significant threats from within the perimeter.
Research shows that insider threats account for 62% of all security breaches. These insiders disgruntled employees, careless staff, or malicious actors – often have legitimate access rights, intimate knowledge of the system, and can bypass traditional security checks. It’s like having a burglar who knows where you hide your spare key.
So, what’s the takeaway?
While Google’s strategy has its merits, it’s not a one-size-fits-all solution. Just as you wouldn’t wear shoes that are too big, your business needs a cyber security strategy tailored to fit its unique requirements. A robust cyber security strategy should focus on both external and internal threats and have measures in place to mitigate risks from all angles.
Our advice? Instead of simply following in Google’s footsteps, consider your own business’s needs and vulnerabilities.
And of course, if you need help with that, get in touch
Did You Know?
not to download third-party apps?
New research has found that an Android app is actually a trojan (a type of malware) that can record your video and audio calls. The SpyNote banking trojan is typically delivered by a phishing SMS, and once installed, it’s very hard to get rid of.
How do you avoid it?
Simple. Only download apps from official app stores – never via third parties.
Technology Update
It’s now easier to grab video stills from YouTube
If you use Chrome, Edge, or a similar browser called Arc, there’s a new tool that will help you grab high-quality stills from videos.
Why might you need this? To highlight key points from presentations, and training videos, or even to make note-taking simpler.
Just right-click on the paused video, and select “Copy video frame”.
New to MICROSOFT 365
Outlook could soon be writing your emails for you
Thanks to Copilot (Microsoft’s AI companion), you’ll be able to draft more concise, professional emails in Outlook, with suggested edits for clarity and inclusive language.
And if there’s a long email thread you need to respond to, Copilot can even summarise it and draft suggested replies.
Want to know more on Microsoft 365 Updates? Discover more here!
It’s time to turn the tide on phishing attacks
Phishing attacks have reached record highs this year. Worryingly, in the third quarter of this year alone, phishing attacks skyrocketed by a staggering 173%, compared to the previous three months.
And malware? It’s not far behind, with a 110% increase over the same period.
Let’s put this into perspective.
Imagine you’re on a quiet beach, enjoying the sun and the surf. Suddenly, the tide starts to rise rapidly. Before you know it, your picnic basket is floating away, and you’re knee-deep in water. That’s what’s happening in the cyber world right now.
According to a report, the ‘phisherfolk’ group were most active in August, casting out more than 207.3 million phishing emails. That’s nearly double the amount in July. September wasn’t much better, with 172.6 million phishing emails.
But who are these cyber criminals targeting? Old favourites Facebook and Microsoft continue to top the charts, with Facebook accounting for more phishing URLs than the next seven most spoofed brands combined.
So, what’s the bottom line here?
Your business could be next.
Phishing attacks are like a rising tide, and if you’re not careful, they can quickly sink your business. They target everyone – from tech giants to financial institutions, and even government agencies. The question is – are you prepared?
Take a moment to consider the authenticity of emails. Are they from a trusted source? Do they contain suspicious links? Are they asking for sensitive information?
Make sure your employees are aware of the risks. Encourage them to think twice before clicking on a link or downloading an attachment. After all, a moment’s hesitation could save your business from a devastating cyber attack.
And don’t forget about integrated email security solutions and phishing awareness training. They could be the thing that best help you prevent an attack.
So, as the tide of phishing attacks continues to rise, remember – it’s better to be safe than sorry. If you need any further help or advice, get in touch.
Q and A’s
