News and articles

Beware cybercriminals: Our top 3 tips to improve your cybersecurity

According to a survey by BAESystems.com 74% of financial institutions have experienced a rise in cybercrime in the last 12 months.  42% of financial institutions said that the remote working model due to Covid-19 makes them less secure.

Our Information Security Manager, Sarah Coles, explains why this is happening, and what you can do to protect yourself.

Since the beginning of the pandemic, one of the biggest challenges for businesses has been the sudden transition to working from home.

Attackers have capitalised on this change, not only by targeting organisations’ networks but increasingly by focusing on the end user or employee via phishing emails or malware campaigns –  generally seen as the path of least resistance.

Additionally, we’ve seen an increase in phishing emails containing fake login pages or forms, aiming to steal user credentials.  This, coupled with evidence showing remote workers are more susceptible to phishing emails, suggests your employees are more likely to hand over their details, providing direct access to your organisation’s data.

If you’re a firm dealing with money and people’s financial security, that’s a risk.

Personal data commands a high price amongst cyber criminals. A scan of Dark Web forums and marketplaces shows that personal ID (full name, date of birth, email and mobile number) can be sold on for anything from 50c to $10. Online bank account details can command anything from 1 to 10% of the account value.

The good news is there are some very simple things you can do to increase cybersecurity in your business and amongst your employees.

Here are our 3 top tips:

1. Check if your information has been compromised

Knowledge is power. Use this simple tool to check if your email or phone number has been in a data breach. If you find you have, don’t panic. Change your passwords wherever your email is used immediately and keep in mind that you may begin to receive suspicious calls (for example asking for your banking details or passwords).  Check your statements and report any unauthorised activity right away.

2. Implement multifactor authentication

Multi-factor authentication (MFA) can increase the security of your accounts significantly and can be setup in minutes. It is especially important to use MFA on your email, as a lot of services allow you to reset passwords via your inbox.  If an attacker has access to your inbox they could use this to reset passwords tied to your email account. Look out for information coming soon on enhanced MFA security for anyone accessing the Parmenion platform.

3. Increase awareness of the risks

Employees are the first line of defence for your organisation. Empower them by providing regular updates on the threats they may come across in their professional and personal lives.  Understanding how to recognise these attacks and offering tips and key things to look out for can provide valuable defence against hackers.

With office working, it’s easy to walk over to the IT desk and check if an invoice payment is genuine or not.  However, your employees may take more risk whilst remote; creating a simple process for reporting suspicious emails or getting in contact with someone who can help can bridge the gap and encourage collaboration.

We’ll be bringing you more help and support to enhance security in your business in the next few weeks, so watch this space.