How Easy Would It Be To Hack Your Business?

The most important thing any firm can do to protect itself from hacks – both visual and cyber – is to change the way it thinks 

A cyberattack is a bit like a car crash –something that happens to other people, until it happens to you.  Despite the high-profile and high-cost hacks at the likes of Sony and TalkTalk, awareness of cybersecurity remains patchy at the c-suite. An attitude persists that, so long as you’re paying your anti-virus subs, everything’s fine and dandy. But nothing could be further from the truth.

Take a moment and look around you right now. Can you be sure no one could steal a glance at your screen, whether phone, tablet or desktop monitor, and see what’s on there?  What if you had confidential information on your screen, maybe your company bank accounts, HR records, or sensitive customer data?

Visual hacking may seem lo-tech, but sometimes the old ways are the most effective. After all, why go to the trouble of hiring Russian gangsters to code an ingenious Trojan, when you know your target’s chairman regularly leaves print-outs of top secret company documents on the 19:38 to Letchworth?

In a covert experiment conducted by the Ponemon Institute for 3M, undercover ‘hackers’ were sent into participating offices to expose how easy it was to capture sensitive company information by visual means.  In the UK, they had an astonishing 87% success rate in all visual hacking attempts. A quarter of the time, they took confidential documents, financial information or log-in details without challenge, much of it lifted directly from unprotected computer screens.

The most important thing any firm can do to protect itself from hacks – both visual and cyber – is to change the way it thinks about sensitive data, turning it into a business risk that’s fully understood by the board, not just something fobbed off on the IT department. 

More specifically, organisations can reduce the risks of confidential data been pinched by such measures as installing privacy filters, which prevent screens being viewed at an angle, introducing 2-step logins and training staff in your by now well-thought-through security policy.

Of course, a hack is something that could happen to you, no matter how careful you are. But then that’s true of many risks in business. So long as those risks are understood and where possible contained, it shouldn’t prevent dynamic companies from seeking out the opportunities the modern world brings. 

Management Today

 

« Cyber Terrorism Keeps At Least One Top FBI Agent Awake At Night
The Self-Fulfilling Prophecy Of Intelligent Automation »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Spambrella

Spambrella

Spambrella provides email security with real-time threat protection. 100% SaaS (nothing to install)

Metasploit

Metasploit

Metasploit penetration testing software helps find security issues, verify vulnerabilities and manage security assessments.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

Privacy Analytics

Privacy Analytics

Privacy Analytics enables healthcare organizations to unleash the value of sensitive data for secondary purposes without compromising personal health information.

The Media Trust

The Media Trust

The Media Trust continuously scans websites, ad tags and mobile apps and alerts on anomalies affecting websites and visitors.

HudsonCyber

HudsonCyber

HudsonCyber, part of HudsonAnalytix, provides leading cyber risk management services for the global maritime transportation industry.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Bluefin Payment Systems

Bluefin Payment Systems

Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data.

Bastion Technologies

Bastion Technologies

All your cyber defense. One platform. Keep your business assets and employees safe under one roof. Manage your cyber defense quickly, easily & efficiently.

Coastline Cybersecurity

Coastline Cybersecurity

Coastline Cyber is a cybersecurity consulting firm dedicated to helping organizations strengthen their security posture by reducing risks, mitigating threats, and protecting against attacks.