People are the weakest link
This sounds like a nightmare too impossible to happen. US soldiers putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’
It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn. Even worse, their settings were on ‘public’ not ‘private’
It’s a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our new KARE for Security S2 plan helps identify use of these sites in your organisation.
US Soldiers Accidentally Leaked Nuclear Weapons Secrets: Report (gizmodo.com)
Shadow IT
Shadow IT is one of the largest threats to data privacy in organisations today.
It’s not necessarily because these sites are going to be hacked, although that’s always possible, but just because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify it! That’s why you need new tools that are cloud focused. If you’re still using the same old security tools that you used to use prior to the cloud, then you are not keeping up and we need to talk!
Kinetics KARE clients – we’ve just added a layer of security
With the latest news of yet another local New Zealand high-profile cyber attack, it must be obvious that cyber-threats are real. EVERYONE is at risk of cyber attack! This latest incident is particularly close to home for me, because I chair the board of one of the...
Multifactor Authentication (MFA) gets even more secure!
Microsoft are making their authenticator even safer! Most of us will have experienced random pop-ups on authenticator asking us to approve access to our systems. We will have wondered what triggered it. Is it a hacker? Now we'll be able to get more information. Your...
Is your cyber-insurer testing your business?
Over the last month, we’d heard about this happening in the US and now it seems to be happening in NZ as well. Cyber insurers are working hard to mitigate their risk and that includes stepping up their testing of their clients. Right now, that appears to be more...
Is public WiFi safe?
Free public WiFi can be tempting.Whether it is in cafe, an airport or a shopping centre, free Wi-Fi is very tempting. Who wouldn’t want faster data, without the cost. But, as with anything that is free, be very careful! It is very easy to become a victim of something...
What can you expect if you get crypto-locked?
!Right now, there’s a crypto-locked server in the lab in our Kinetics Auckland Office. It’s not from one of our clients, but a business that’s come to us, after the event, asking for help. We are busy rebuilding it and restoring the data and configuration to the...
Are you meeting the requirements of your Cyber Insurer? (And are you minimising your risk anyway?)
Given the scale of cyber-attacks, we aren’t surprised to be hearing reports of insurers applying a "duty of care" test before agreeing to pay out. Despite sending chills up your spine, when you consider this, it makes sense as Insurers do the same thing to vehicles,...
3 billion devices are at risk. Does that include you? (it probably does)
An actively exploited high severity "zero day" cyber-security exploit has been found in the Google Chrome web browser. With over 3 billion users it will take some time for the update roll out to everyone. Meanwhile, everyone who uses Chrome on their PC is...
MFA is important, but it is no silver-bullet.
There are no silver bullets. No one can guarantee you won’t be hacked, but we can make it harder. We can reduce your cyber-risk by taking reasonable steps to make it harder to hack you. The key is to have layers of security, and to keep reviewing the technology in use...
Disaster at Kinetics
Sometimes, it feels like there is only bad news. All businesses face challenges with suppliers, our own people and even some of our customers. As managers, we work hard to get ahead of issues and create systems to mitigate problems, but there’s always something. ...
MS OFFICE ZERO DAY ATTACK – MAY 31st
One of the scariest news items to wake up to is that there is a ‘zero-day’ vulnerability in a common piece of software. That means that the hacking community has found an opportunity to hack a bit of software and there is no update yet – ‘zero’ days to apply a fix....