PLEASE READ: Reminder regarding Cyber Security awareness and diligence

At this time of year, it is worth reminding everyone to be extra vigilant with regards to Cyber Security. Unfortunately Email phishing is more prevalent during the festive season as they can catch people of guard offering major discounts on goods, payment request etc and they do not care about who they target business or personal email accounts.

We are rapidly growing organisation and receiving lots of press coverage now and our success news also leads to us being a target for Cyber Security Threats.

To safeguard yourselves and confidential company information please see below the steps you should take and be Cyber aware.

1. Understanding Cybersecurity

• Cybersecurity: Protecting systems, networks, and data from unauthorized access, theft, or damage.
• Why It Matters: Prevents financial loss, data breaches, and reputational damage to the organization.

2. Email Security

• Be Wary of Phishing: Avoid clicking on suspicious links or attachments in emails.
• Verify Sender Identity: Check the email address, especially if the message requests sensitive information.
  • Think before you open that link: Is it legitimate.
  • Verify sender details—do not trust, verify!”
  • Beware of urgent requests—they are often phishing scams.”
  • Attachments can be traps. Only open trusted files.”
  • Hover over links to see where they lead—do not click blindly.”
• Report Any Suspicious Emails: Forward to your IT/security team.
• Do NOT use personal emails to send out company documents and other information.
• Do NOT use your company email to access your own personal resources, bank accounts, social media, Netfix etc.

3. Device Security

• Lock Your Devices: Use strong passwords or PINs, and lock screens when stepping away.
• Update Regularly: Install updates for operating systems and applications to patch vulnerabilities.
• Install Security Software: Use antivirus, anti-malware, and firewalls.

4. Data Protection

• Classify and Handle Data Properly: Follow organizational policies for storing, sharing, and disposing of sensitive data.
• Avoid Using Unauthorized Tools: Only use approved software and storage solutions.
• Encrypt Sensitive Data: Protect files, emails, and backups with encryption.

5. Internet Usage

• Use Secure Connections: Always connect via a secure network and avoid public Wi-Fi unless using a VPN.
• Avoid Suspicious Websites: Check for HTTPS and avoid downloading files from untrusted sources.

6. Social Engineering Awareness

• Be Sceptical of Unusual Requests: Verify with the sender if someone asks for sensitive information or immediate action.
• Avoid Oversharing on Social Media: Criminals use personal details to craft targeted attacks.

7. Incident Reporting

• Act Quickly: Report any suspicious activity, such as unusual emails, pop-ups, or device behaviour, to the IT/security team.
• Do NOT Hide Mistakes: Prompt reporting helps mitigate damage and prevents further harm. (We are here to help you the earlier we know the quicker we can lock down the exposure)

8. Remote Work Security

• Use Organization-Issued Devices: Avoid using personal devices for work tasks.
• Secure Your Home Network: Change the default router password and use strong Wi-Fi encryption (WPA3).
• Access the Network Securely: Always connect to company resources through a VPN.

9. Stay Educated

• Read any articles posted on the corporate internet refer to Cyber Security updates & Training availability.
• Stay Informed: Be aware of the latest threats and organizational policies.

Key Takeaways

• Cybersecurity is everyone’s responsibility.
• Simple actions like strong passwords, cautious email practices, and timely updates can prevent major breaches.
• If unsure, always consult your IT/security team.

Many thanks

Colin