Cyber Security Archives - HCS
Cybersecurity Risks To Be Aware Of In 2020

Cybersecurity Risks To Be Aware Of In 2020

2019 has seen cybersecurity awareness increase, primarily due to increased threats and updates. Although the majority of businesses are now more aware of the importance of cybersecurity, most are struggling to implement appropriate protocols internally. However, in 2020, cybersecurity will continue to be an important aspect for businesses worldwide. Data breaches, automation and integration will all impact cybersecurity within 2020.

As 2019 was a time of growth for cybersecurity awareness, 2020 is expected to continue this trend.

Data Breaches Are A Major Cyberthreat

Data breaches are expected to continue to be the most common cybersecurity risk in 2020, with data being set to remain as a valuable commodity for hackers and cybercriminals around the world.

In recent times, legislation, such as GDPR has helped put Data Security to the forefront of cybersecurity concerns, however, businesses must think about the other various risks that a data breach can present to a business and not just legislative issues.

Cloud Security

Throughout 2020 it is expected that businesses will continue to migrate their processes, infrastructure and data to the cloud. Because of this, protecting data and critical infrastructure requires a proactive approach from Managed Security Partners.

Due to the popularity of the cloud, cybercriminals will continue to create sophisticated threats with the aim of infiltrating your business’ cloud systems. If your cloud is not secured properly, this could lead to major data breaches.

Growing Awareness Of Data Back-Ups

Digital Transformation is an ongoing trend within businesses and has raised awareness of cybersecurity issues. This affects businesses of all sizes, from SMBs to Enterprises.

Businesses have realised that cybersecurity and backing up data is not a luxury but an essential aspect of any business.

Mobility Can Hamper Cybersecurity

With the rise of cloud computing, mobile use for work purposes has also increased, with many employees accessing data and documents through devices such as mobile phones and tablets.

Due to this, 2020 is expected to see an increase in data breaches through mobile devices. Every device that is used to access company systems is another endpoint to secure to ensure vulnerability is minimised.

Phishing Attacks

Phishing Attacks are set to remain as a common cyber threat, as it is seen by cybercriminals is an effective method of obtaining user credentials, distributing malware, cryptojacking, stealing money, etc with ease.

The most effective way to counteract Phishing Attacks is to train your team to recognise these attempts. In 2020, cybersecurity training should be a key aspect of your cybersecurity strategy.

Now is the time to begin your cybersecurity strategy for 2020! To learn more, contact our team today!

Businesses Warned To Be Vigilant As Invoice Scam Costs Business €200k

Businesses Warned To Be Vigilant As Invoice Scam Costs Business €200k

Gardaí are warning the business community of invoice redirect fraud and CEO fraud following an increase in these cybercrimes.

Cybercriminals have succeeded in defrauding companies of large sums of money. It is reported that one company lost over 200,000 and another lost almost 500,000, while many individuals and other businesses have lost smaller sums of money.

These types of cybercrimes consist of criminals sending emails to businesses or individuals purporting to be one of their legitimate suppliers.

Emails such as these, generally contain a request to change the bank account details that the business has stored for a legitimate supplier to an account that these cybercriminals have created.

Requests don’t have to come in the form of an email either, they can come by way of a phone call or letter. Due to this, Gardaí are recommending that businesses take caution in relation to these requests.

The goal of these cybercriminals is that when the legitimate supplier sends an invoice to your business seeking payment, the victim business acts on the new banking instructions, which sends payment to the criminal’s bank account where the funds are then transferred or withdrawn.

Most of the time, the victim business does not know it is a victim, until a time in the future when the legitimate supplier sends a reminder for payment.

CEO fraud is another cybercrime that Gardaí are warning businesses about. This crime takes place when an email appearing to be from the CEO or a senior member of staff is sent to a business’ finance team, requesting they pay a supplier or third party.

Gardaí have issued the following statement:

“Trust no email full stop. Incoming and outgoing mails can be blocked or redirected without you being aware. Assume all emails incoming and outgoing in your company are always being read by fraudsters for extended periods of time and that those responsible for payments within your company are a special target for hackers and their email history is being monitored. 
Check all incoming email addresses – that they are correct and coming from a trusted source. It’s important also to check other emails addresses copied on the mail chain, in order to check that they are also genuine. The hackers, by blocking others on the mail chain, isolate the individual making the payment, thus removing any other stakeholder from questioning the payment process. Simple changes such as swapping, adding or deleting letters in a mail address are commonly used to fool you into thinking it’s coming from a genuine source.”

A telltale sign of this cybercrime is a payment change request. Businesses should be especially vigilant when they are requested to change bank payment details. For example, amounts to be paid, account number, name of the bank, etc.

It is advised that employees call suppliers/vendors to confirm the change request before acting upon it.

Detective Chief Superintendent Pat Lordan, from the Garda National Economic Crime Bureau, said: “Victims of invoice redirect fraud range from very small businesses to large companies and the consequences of falling for a scam of this nature can be catastrophic and result in the closure of businesses and redundancies.’

He continued, “If you are not sure, pick up the phone and speak to someone in the invoicing company”.

Is your business protected against modern cybercrime? Learn more about how HCS Business Solutions can help you protect your business by contacting our team!

How To Choose Your Managed IT Security Partner

How To Choose Your Managed IT Security Partner

Business environments are continuously changing, thus forcing businesses in all industries to rapidly evolve to combat these changes. A key aspect of all industries that continues to evolve is security, in particular in terms of program governance, technology and execution. Although cybersecurity is complex and difficult to manage, many businesses try to manage and maintain cybersecurity internally. However, this can often lead to breaches as internal employees cannot keep pace with the role and lack the specialised skills and competencies needed to cost-effectively protect against the increasing range, volume and severity of threats. These challenges can often lead businesses to consider partnering with a Managed IT Security Partner. Partnering with a Managed IT Security Partner can help businesses navigate complex security issues within the rapidly changing realm of compliance and regulatory requirements. When choosing a managed IT Security Partner there are many areas that can help you add value to your partnership. Find out more below!

4 Must-Haves For Your Managed IT Security Partner

Proof of Security Impact & Effectiveness

Your business should not be blinded by meaningless metrics. Your partner should present you with strategic, operational and tactical metrics. These metrics should help you understand KPIs that track the overall effectiveness of security efforts. Your Managed IT Security Partner should demonstrate how security has improved over time and provide recommendations on how to further improve security.

Round The Clock Protection

Hackers never sleep and neither does your business. Your Managed IT Security Partner should offer round-the-clock threat protection. The faster the reaction, the quicker hackers can be pushed back and damage limited.

Customer Service

No two businesses are the same and your Managed IT Security Partner should recognise this. Your relationship with this partner should allow a flow of communication when needed. Responsiveness, communication and speed are pivotal in providing a high level of service.

Advanced Security Protocols

Many businesses still believe that traditional technologies like anti-virus and firewalls are the smartest security investment they can make. The fact is, attackers and malware have found ways to easily evade these controls, which is why you should partner with a Managed IT Security Partner that offers high-value security solutions, which allows your business to withstand sophisticated attacks.

Choosing the appropriate Managed IT Security Partner for your business is a vital step in ensuring your business stays protected against modern cyber threats. To learn about our Managed IT Security Services, contact our team! We can help you devise a cybersecurity plan which will combat sophisticated cyber threats that target businesses.

Start Your Managed IT Security Journey With HCS Business Solutions!

Call Us Today!
Should You Disable Autocomplete in Outlook?

Should You Disable Autocomplete in Outlook?

Microsoft Outlook is the go-to email application for employees around the world. It is where many employees spend a large amount of their work day. Over recent years, Microsoft has grown and evolved Outlook to give users a richer, more enjoyable experience. This integrated email experience for users has a feature referred to as autocomplete, which can autofill the contact details of a recipient.

Autocomplete/Autofill functionality has been available for many years. Once an email has been sent to a recipient, they will then appear in suggested recipients for future emails once you have typed the first few characters of their address. This simple functionality gives users a helpful and practical experience and is intended to improve productivity, as people don’t have to type the full email address each time.  Autocomplete also means you don’t have to add every user you contact regularly to your Outlook address book.

However, because of this, some risks can be associated with this feature, leading to potential data risks. There are also practical issues with this feature, such as;

  • If you enter a new email address incorrectly and send the email, e.g. ddasmith@company.ocm rather than ddasmith@company.com, this new address can be added to your autocomplete list, making it very easy to repeat the mistake in the future.
  • Inbound addresses can be automatically added to your suggestions, even if you have never emailed them.

The risks associated with Autocomplete/Autofill can also not be ignored. These risks may involve sending an email with sensitive data to the wrong recipient, Human Error happens regularly in business, however, some mistakes can lead to severe data loss and reputational damage.

One option to mitigate the risks associated with this issue is to stop using autocomplete, however, this may affect end-user productivity as employees would have to type the email address themselves.

While users are less likely to send an email to the wrong person in their autocomplete list, this may lead to a much larger risk of misdirected emails caused by mis-typiing an email address.

In time, people will end up creating their own ‘autocomplete list’ or address books in other applications, such as Excel, and could end up storing other associated personal data locally on their devices, creating data risks for your business.

We Can Help!

At HCS Business Solutions we can help your business utilise Office 365 to its full potential, while also training your team on the latest Cybersecurity trends to ensure your business remains protected at all times! To learn more, contact our team!