WHAT RISK SHOULD I BE LOOKING OUT FOR?
Organisations need to focus not only on long term employees but new and temp staff. Staff "cyber health checks" need to be conducted regularly to mitigate these risks. Once identified your IT department can introduce steps such as multi-factor authentication, or restricted access privileges for high-risk employees.
We mitigate the impact of the following threats;
§ Social Engineering & Phishing
The majority of cyberattacks begin with the attacker conducting some form of reconnaissance of a target's social media and internet presence. Once sufficient intelligence is gathered the attacker attempts to compromise the target for financial gain or further compromise of their network
§ Privacy and Social Media Use Policies
Outdated or even non-existent policies especially outside of Tier One 'close to home' third parties can provide increased risk for threat actors to expose. Once a third party is compromised the avenue is open to exploit linked companies.
§ Insider Threats
There are two main types. Malicious insiders can be current or former employees, contractors or business associates who have legitimate access to your systems and data and use that access to destroy data, steal data or sabotage your systems. Unwilling participants are those who have been compromised or who have accidently put your cybersecurity or data at risk.
§ Third Party Risk Management (TPRM)
Many companies do not identify crucial risks in the supply chain. Illegal & unethical practices and poor cybersecurity protocols are still being conducted by third party suppliers. The key gap in due diligence is those suppliers outside the traditional Tier One 'close to home' sector.