Friday, 04 March 2022 15:18

    March Dispatch - All About Cybersecurity ... Featured

    Written by
    Rate this item
    (0 votes)

    DARREN'S DISPATCH | MARCH 2022 | ISSUE 4 

     

     

    MARCH OFFER

     

    Over the last few weeks, we’ve spoken extensively about cybersecurity and the threats that cyber-attacks pose for small business. 

    Inadequate cybersecurity measures affect everything for small businesses. From your ability to protect your intellectual property and customer data to your compliance with industry regulations, it’s easy to understand why small business cybersecurity matters. 

     

    Some security measures, such as implementation of a firewall and use of access permissions, attempt to keep intruders out of the network or computer altogether, much like fences and door locks attempt to keep burglars off the grounds or out of the house.

     

    Small businesses are collectively subject to almost 10,000 cyber-attacks in a day according to FSB’s research. FSB is the UK’s largest business support group and the voice of small businesses and self-employed. Every small business needs to take the time now to build strong cyber defences before they find themselves in a threat actor’s sights.

     

    We haven’t gotten a fool-proof method yet, but what we have is a good place to start. Join us on April 13th, 2022, at 3pm for a webinar conducted by Darren himself. He will walk you through not just password security but also various aspects of cybersecurity. 

     

    Register for the WebinarTODAY!


     

    TIPS TO KEEP YOURSELF SAFE FROM CYBERATTACKS ON SOCIAL MEDIA

     

    In our last article we spoke about the different cyber threats and issues that face social media. As growing popularity of social networking sites these have become a prime target for cyber-crimes and attacks. 

    So, we have curated a small list of precautions and safety measures you can take as an individual and a small business to protect yourself, your employees and peers, and your customers. 

    1.     As a business, make sure that all your emails have digital signatures with clear indication to your company policies. We recommend putting this policy in place so that your emails are not confused with any other spam mails or phishing. To learn more about what these are you can read our article on them here: Business Tips.  

    2.     Cryptography based techniques should be used to ensure the security of the user’s information provided on social networking websites. Cryptographic techniques concern themselves with three main purposes: 

    a.     Authentication: Verifying the identity of the user or computer

    b.     Confidentiality: Keeping the contents of the user’s data secret

    c.     Integrity: Ensuring that the data doesn’t change between the time it leaves the source and the time it reaches its destination.

    Group key exchange, data mining, encryption are some of the examples which can be used to enhance the security on social media

    3.     Social Networking Sites have privacy and security settings available which help make sure that the users security is not compromised. We will walk through some of these: 

    a.     Who-can-see-my-posts: This is a priority setting for the Facebook users where the user can limit the audience who can see posts from the user. As a business, you’ll make public posts, but make sure that you’re not sharing sensitive information in these posts. 

    b.     Login-Alerts: Most social networking sites have this feature. It is an alert that you can set up from the settings of the social networking site you’re on. It allows the user to get a notification when anyone logs into their account from an unrecognised device or browser. Even if the user himself/herself login from a new device, you’ll get a login alert. 

    c.     Third party-authentication: This is a new setting added to most social networking sites. It generates a security code to authenticate any third-party app.

    d.     Multi-factor-authentication: MFA is a system that has now been widely adopted by Facebook, Instagram, Twitter, LinkedIn, Tik-Tok etc. This usually allows the users to create multi-factor login. Like for example if a user uses their email address to sign into Instagram, then the user can set up a phone number as a security backup login option. Instagram also generates security codes that you can find from the settings on your profile. In the event that someone tries to maliciously gain access to your account, they’ll be forced to not only use your email address and phone number but also your security code, making it almost impossible to login. 

    4.     Web Browser security settings are an integral part of keeping your social media profiles safe and secure. 

    a.     Keep your browsers up to date and enable automatic updates for your browser.

    b.     Block plug-ins, pop-ups, and phishing sites.

    c.     Set browser not to store passwords.

    d.     Disable third-party cookies.

    Social media is a prime target for cyber-crime. All businesses whether big or small should take appropriate measures to be cyber-crime safe and learn the best practices so that they don’t accidentally sabotage their internal data or the data of their customers and employees. 

    Stay tuned for more information on cybersecurity and an exciting offer coming to you this month!

     


      

    SOCIAL MEDIA & CYBERSECURITY

     

    Social media is a great tool that connects businesses with potential customers. Be it a large business or a small one, everyone uses some form of social media or the other. Whether you promote your products on Instagram, or answer queries on Twitter – social media has introduced significant changes in the way businesses communicate as well. Whether you’re scrolling through posts on Facebook, tracking news and trends around you on Twitter, posting personal or business pictures on Instagram, or connecting with colleagues and like-minded businesspeople on LinkedIn, chances are, that you and your business have a social media digital footprint. 

    Even though there are security settings on social media platforms, people who have malicious intentions still manage to get sensitive information out of businesses through social media. As alarming as it sounds, we are here to help you understand the issues and challenges of cybersecurity on social media and give you solutions!

    Issues of Cybersecurity on social media

    1.     Misusing identity: The attacker impersonates the identity of the user resulting in misusing identity. The attackers gain access to applications in which they ask for granting permissions for accessing sensitive and personal information. 

    They can assume the identity of the person whose account they’ve gained access to and ask for sensitive information such as banking details from their followers. 

    2.     3rd Party Applications & threats they pose: Such applications ask the user for permissions from the user to access different levels of personal information. While some of these applications are safe, some of them may download a malware on the user’s phone or computer without their consent. Thus, putting not only the user but everyone’s information they have stored on their device.

    3.     Viruses, Phishing Attacks and Malware: We have spoken in depth about these in our article earlier this month. You can access it here: Business Tips.

    4.     Privacy of Data: It is advised that you keep your personal profile private on social media, but as a business that is not always possible. Users share their information on social networking sites and can cause privacy breaches unless proper security measures are applied. 

    5.     Legal Issues: Every social media platform has its own sets of rules and regulations. Posting content that are offensive to any individual, community or country is not tolerated. There are legal risks associated with use of social media sites in leaking confidential information on sites or invading someone’s privacy. 

    6.     Tracking Users: If third parties gain access to a user’s roaming data by collecting real-time update on the user’s location, then it can cause physical security concerns for the user. 

    Risks and Challenges of cybersecurity on social media 

     

    1.     Viruses, Phishing Attacks and Malware: We have spoken in depth about these in our article earlier this month. You can access it here: Business Tips.

    2.     Oversharing: There are two very common kinds of oversharing on social media. One is the obvious kind, where the user frequently shares their personal information and whereabouts. Sharing personal information like that can put you at risk of a cybersecurity attack.

    The second kind of oversharing is the lesser obvious kind. While a lot of people say that you use something you can remember for a password, it not the right way to go. Attackers comb through all your information on social media to figure out the names of your pets, your high school information etc. Think thoroughly before taking that quiz that asks you your mother’s maiden name or who your first school crush was. 

    3.     Social Engineering: It is not always the user who is the weak link in security. LinkedIn for example, had breaches in 2012 and 2016 exposing the passwords of millions of users. This is why it is advisable that you secure your home device. You may never know when or where the next attack will come from. 

    To learn more about how to protect yourself from a cybersecurity attack: March Offer.

    If you need help or have any questions or concerns regarding cybersecurity or privacy, simply let us know. We'll be happy to assist you in learning more about your options. You can email me at This email address is being protected from spambots. You need JavaScript enabled to view it.or call us at 01522 822520.

    Contact us now!


     

     

    DARREN'S DISPATCH | MARCH 2022 | ISSUE 3

     

      

    BOOK REVIEW: THE ART OF INVISIBILITY

    the art of invisibility 1526823472 abfb16a7

     

    “In the midst of this culture of openness and sharing, we need to think carefully about the information we're volunteering to the world. Sometimes the world is listening.”

     

    Let’s forget for a moment why you would want to or need to be invisible in the online world and think about how you can do it. Kevin Mitnick’s book The Art of Invisibility helps in understanding the unusual precautions you need to take in order to stay completely off the radar!

    There are many legitimate reasons to remain anonymous on the internet. Kevin Mitnick was caught by the FBI in 1995 for activities that were neither legitimate nor legal. He has served time in prison, but is now a security consultant, helping to protect legitimate businesses and individuals from attack by the type people that he used to be.

    I think we can learn a lot from these hackers-turned-experts, now called white hats which signifies they work for the general good; their experience and point of view give them a completely different perspective on computer security, both for companies and personal users.

    While the book has many tricks to remain invisible online, an average reader doesn’t need to know any of them. There are plenty of learnings to take away from the book if all you’re looking for is stronger cybersecurity and more privacy. Here’s a short summary:

    Password Protection

    Password security is a must for everyone. Whether you’re a small business or a big business or an individual. It’s not enough that you create a strong password, you need to know how to safely store it and how to keep generating new passwords. 

    We’ve spoken about password protection in our latest blog here: https://www.developandpromote.co.uk/blog

    Email Encryption

    There are a variety of technology and tools that can be used to encrypt emails. A personal mail certificate is one method that is used to digitally sign your emails. This helps to reduce the number of spam messages that can be sent using your name and email account. 

    Kevin Mitnick points out that there are three primary things that you should encrypt. 

    1. The connection from your email provider
    2. Your email messages 
    3. Stored, cached, or archived email messages

    Email encryption ensures that even if the someone gains access to your emails, the content of your email messages remains unreadable. 

     

    Secure Browsing

     

    HTTPS protects the integrity and confidentiality of data between your computer and the website that you’re browsing. Users expect a secure and private online experience when using a website.

    HTTP alone is not suffiecint. It leaves your information vulnerable to attackers. If you visit a website, make sure it has a “https:/” certificate to it. HTTPS encrypts HTTP requests and responses so that even if an attacker tries to steal your payment information for example, they can only see random characters instead of your actual card details. 

    While we don’t recommend that you wipe your digital footprint off the surface of the web, there is a lot of merit in trying to hide your personal preferences from the ever-present information gathering giants. Maintaining a certain level of privacy can be done without damaging your web experience. 

    If you are looking for more ways to protect your data online, then we can help you out. Read our article on how to protect yourself and your customers online here: https://www.developandpromote.co.uk/darren-s-march-dispatch-cybersecurity.html

     

    We haven’t gotten a fool-proof method yet, but what we have is a good place to start. Join us on April 13th, 2022, at 3pm for a webinar conducted by Darren himself. He will walk you through not just password security but also various aspects of cybersecurity. 

     

    Register for the Webinar TODAY!

     

    If you need help or have any questions or concerns regarding cybersecurity or privacy, simply let us know. We'll be happy to assist you in learning more about your options. You can email me at This email address is being protected from spambots. You need JavaScript enabled to view it.or call us at 01522 822520. 

    To see all other Darren's Dispatch's please click here: https://vault.developandpromote.co.uk/darrens-dispatch/You will need to log in to access them. 

    If you do not have access or can't remember your login details or have any other queries, please email This email address is being protected from spambots. You need JavaScript enabled to view it.

     


    DARREN'S DISPATCH | MARCH 2022 | ISSUE 2

     

      

    BUSINESS TIPS

     

    Now that we have spoken about what cyberattacks are and how they affect small businesses, let’s talk about what we can do as a small business to prevent them from happening. 

    Small businesses make the assumption that since they’re a small business, they don’t need to worry about their security, because their business is too small a target. Unfortunately, this is far from the truth. A recent report from FSB (Federation of Small Businesses, UK) has revealed that small businesses lose an estimated £4.5 billion a year, with the average individual cost of an attack being £1,300! Suffering this kind of a financial setback is not only devastating to any small business, it also causes irreparable reputational damage. 

    In this article we will discuss what small businesses can do to protect themselves from the three main types of cybersecurity attacks. 

    How to protect yourself from a Phishing Attack 

     

    Phishing attacks amount for 90% of all breaches that any company face. Phishing attacks happen when an attacker pretends to be a trusted contact and gets the user to click on a malicious link, download a corrupted file, or somehow coaxes them to divulge private and sensitive information. 

    In recent years, Business Email Compromise has become a very real risk for many small businesses. Some attackers get access to email accounts of high-level executives and send out emails on their behalf requesting all sorts of information. Part of what makes phishing attacks more difficult to combat is that there aren’t many technological defenses against such attacks. 

    Tip 1: One way to prevent an attack like this is to download an add-on to your browser that can spot the signs of a malicious website or alert you to phishing sites. Read on to find out how we are prepared to help small businesses tackle these security threats.

    Tip 2: It is always advised to not input sensitive information on sites without a security certificate. That is if you cannot see a closed padlock icon next to the URL then don’t buy or download anything from such a website. 

    Tips 3: Regularly update your passwords. Creating strong and secure passwords for all your online accounts. Give your employees training to do the same. If you’re looking for a solution for regularly generating new passwords, then we can help you out. Just email me at This email address is being protected from spambots. You need JavaScript enabled to view it. to learn more about this. 

    How to protect yourself from a Malware Attack 

     

    Malware is a broad term that encompasses malicious code that hackers create to gain access to networks, steal data or even destroy data stored on local machines. 

    These attacks are particularly damaging for small businesses as they cripple machines thus incurring extra costs in repair etc. They also give attackers access to a lot of data and information putting not just the business and employees at risk but also putting their customers and their data at risk. Small businesses also tend to employ people who work remotely from their homes and bring in their own machines to work. This however also increases the likelihood of suffering from a malware attack, as personal devices are easier to attack. 

    Tip 4: One of the most important ways to protect against malware is to install anti-virus software. Anti-virus software scans your local machine to detect potential threats and provide automatic updates as well and enhanced security. 

    Tip 5: Another way to protect all your devices from malware is to use a firewall. A firewall prevents malicious attacks by blocking unauthorized access to or from a private computer network. When used in combination with an anti-virus software, firewall provides an additional layer of security for all your data. 

    Tip 6: In the event that you do get attacked, it is always advisable that you backup all your data and save copies of it. This will help mitigate any damage and will also mean that you are held victim to a ransomware attack. 

    How to protect yourself from a Inside Threat 

     

    An inside threat can occur by the actions of employees, business contractors, suppliers or even business associates. A study conducted by Verizon found that 25% of data breaches come from insider threats. 

    Within smaller companies, insider threats are a growing problem as employees have access to multiple accounts that hold more data. Multiple accounts that may not be needed by the employee. 

    Tip 7: To block insider threats, small businesses need to make sure that they have a strong culture of security awareness within the company. This can be done by having regular webinars which discuss the importance of cybersecurity. 

     

    Inadequate cybersecurity measures affect everything for small businesses. From your ability to protect your intellectual property and customer data to your compliance with industry regulations, it’s easy to understand why small business cybersecurity matters. 

    Small businesses are collectively subject to almost 10,000 cyber-attacks in a day according to FSB’s research. FSB is the UK’s largest business support group and the voice of small businesses and self-employed. Every small business needs to take the time now to build strong cyber defences before they find themselves in a threat actor’s sights.

    We haven’t gotten a fool-proof method yet, but what we have is a good place to start. Join us on April 13th, 2022, at 3pm for a webinar conducted by Darren himself. He will walk you through not just password security but also various aspects of cybersecurity. 

    Register for the Webinar TODAY!

     

     

    DARREN'S DISPATCH | MARCH 2022 | ISSUE 1

     

      

    GET MORE FROM YOUR MARKETING

     

    Hello and welcome back another exciting and new issue of Darren’s Dispatch. I would like to start this month by thanking all of you for the overwhelming response we have gotten to our new weekly newsletter!

    Have you experienced hacking, identity theft, viruses or malware on your computer? Are you worried about the safety of your business' online data? Well you are not alone. The internet has rightly been dubbed a global village. It allows businesses of all sizes, from all corners of the world to connect to newer and larger markets as well as provide opportunities for growth and employment to people everywhere. Every business that uses the internet must be responsible for cultivating a culture of security that increases the confidence of vendors and consumers alike.

    As global cyber threat continues to evolve at a rapid pace with an alarmingly increasing number of cyber breaches ever year. Don’t be alarmed, instead of going into depths of what cyber threats are, we will talk about cyber security instead. For my non-technical friends and colleagues, cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security

    Cyberthreats aren’t just a problem for big corporations and government organisations, they pose a big threat to small businesses as well. A study by Red Security revealed that 75% of UK executives do not feel fully prepared for a cyberattack. Businesses are still being targeted, despite the ever-increasing availability of security solutions and threat awareness training.

    What is at Risk?

    There a number of things to lose from even a small breach to your data and privacy.

    If you are a business then the first risk for you is the breach of client lists. This is an invasion of privacy not just on you and your company but it also potentially puts your clients data at risk. Private and confidential information such as their names, addresses, bank account details, credit card information, etc are subject to be stolen.

    As a business, your own personal information and banking data is also at risk. Your product structures, pricing models, financial reports etc can be stolen.

    These attacks don’t just put you at risk. Hackers may use your supply-chain network to wriggle themselves into other company’s data as well.

    What is the Impact?

    The first and foremost impact of an attack like this is loss of financial data and assets. Not just your personal and your company’s assets either, an attack means loss of financial data for your consumers as well. You may incur more financial losses not just from such an attack, but also in the aftermath of such an attack. As your businesses processes will be disrupted from an attack like this and you will have to spend high costs to rid your network of threats.

    Another long-lasting impact of such an attack, and a much more difficult one to get over is the loss of reputation.

    Ensuring you have the right technology, processes and people in place to handle the quality of the data that you hold is also a key part of thriving under the Data Protection Act (and now the GDPR). 

    How to Protect Yourself

    As a small business, it is easy to feel overwhelmed with all of this information. It is also easy to feel like there isn’t anything you can do to protect yourself in the event of a cyberattack. Fortunately, there a lot of things you can do prevent yourself from a cyberattack.

    1.      Train Employees

    There are a lot of circumstances under which an employee can either maliciously or carelessly give cybercriminals access to your networks. The best way to avoid this circumstance is to establish basic security training and policies for employees. Educate your employees on the importance of requiring strong passwords, on how to deal with suspicious emails, as well as establish appropriate internet use guidelines. Don’t open email attachments or emails from suspicious senders as it could infected malware.

    It is also important that employees are properly trained in handling and protecting sensitive customer information and other internal data.

    1.         Risk Assessment

    It is important to evaluate potential risks that might in the future jeopardise your company’s networks, systems and information. This will help you in formulating a plan to protect your company and also in possibly identifying any gaps in security.

    Make a list of and identify who can access what part of your data within the company. Do not give an employee unvetted access to all your internal data. It is always a good practise to give employees limited access – data they need to perform their jobs. Also identify who may want access to your data and how they may try to obtain it.

    Once you’ve analysed all of this within your company, and made a list of potential threats to your data and business, use this information to formulate a refined security strategy. It is also strongly advised to review this data regularly, as well as whenever you make significant changes to your information storage, or employees.

    1.        Internal Protection

    It is important to keep clean machines. Have the latest security software updates, latest web browser updates as well as operating systems. This is the best defence you can have against viruses, malware, and other online threats.

    Install antivirus software on your local machines and run them regularly. This will protect your devices from viruses, spyware, ransomware as well as phishing scams. It is also important that this software helps you not only protect your local devices, but also helps you clean them.

    Don’t ignore the software updates on your local machines. This is true not just for laptops and computers but also for mobile phones. So much information is stored on these tiny devices as we use it for just about everything. Every piece of software update is important as these updates usually strengthen security for your device or add patches that can actually close coding loopholes hackers can slide through.

    There are a range of threats facing small businesses at the moment. The best way to protect against these threats is to have a comprehensive set of security tools in place, and to keep your employees sufficiently and competently trained.

    If you need help or have any questions or concerns regarding cybersecurity or privacy, simply let us know. We'll be happy to assist you in learning more about your options. You can email me at This email address is being protected from spambots. You need JavaScript enabled to view it. or call us at 01522 822520.

    Contact us now!

    Stay tuned for more information on cybersecurity and an exciting offer coming to you this month!


            



    To see all other Darren's Dispatch's please click here: https://vault.developandpromote.co.uk/darrens-dispatch/You will need to log in to access them. 

    If you do not have access or can't remember your login details or have any other queries, please email This email address is being protected from spambots. You need JavaScript enabled to view it.

     

    Share this on:

    Submit to DeliciousSubmit to DiggSubmit to FacebookSubmit to Google BookmarksSubmit to StumbleuponSubmit to TechnoratiSubmit to TwitterSubmit to LinkedIn
    Read 240 times Last modified on Monday, 18 April 2022 17:41

    Media

    Share this on:

    Submit to DeliciousSubmit to DiggSubmit to FacebookSubmit to Google BookmarksSubmit to StumbleuponSubmit to TechnoratiSubmit to TwitterSubmit to LinkedIn

    Leave a comment

    Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

    We use cookies to improve our website and your experience when using it. Cookies used for the essential operation of this site have already been set. To find out more about the cookies we use and how to delete them, see our privacy policy.

      I accept cookies from this site.
    EU Cookie Directive Module Information