The London Digital Security Centre (LDSC) is delighted to partner with The Northbank BID to deliver a cyber security programme for Spring 2019. Cyber security is a key challenge that all businesses no matter how big or small need to address. However, what this doesn’t mean is you spend vast sums of money on technology trying to mitigate the threat.
Many basic and often free steps can provide a positive impact on your cyber resilience. Therefore, in teaming up with The Northbank BID, we have devised a cyber security programme, which is completely free for businesses within the BID.
In the beginning of March, we visited businesses In The Community, where we brought around a free security assessment. Those who completed the assessment would have received a Membership Action Plan (MAP), providing key recommendations that can help to strengthen your cyber resilience.
Following this, we brought Cyber Security Clinics to the area, where you could drop-in and see us with any cybersecurity concerns.
Our final event for you is our Cyber Training Seminar consisting of interactive presentations to raise awareness about the most common causes of cyber crime, how criminals operate and what we can do to protect ourselves from becoming victims.
22nd March: 9am – 11am / 12pm – 2pm / 3pm – 5pm at the International Institute for Strategic Studies.
If you missed the opportunity to complete the assessment form, it is available via our website https://londondsc.co.uk/membership/ or complete it whilst visiting us at the Seminar.
- Introduction and Welcome – An opportunity for the trainer to introduce the session and explain the format and learning outcomes
- What is Cyber Crime? – A description of the key terms and an overview of the scale of the problem with recent examples and case studies supported by official statistics.
- Key terminology
- The scale of the problem
- What are cyber criminals after?
- How are we vulnerable?– An overview of the most common methods used by cyber criminals and a description of how they work using case studies to show how easy it is for a company’s security to be compromised.
- Opening Email Attachments exposing the company to Ransomware or Malware attacks;
- Clicking on suspicious links within emails or ‘fake’ pages on social media that take you to unsafe websites;
- Falling victim to Phishing attacks resulting in money, intellectual property or sensitive information being lost;
- Watching out for ‘Whaling’ attacks where a cyber criminal impersonates a senior manager, customer or supplier;
- Using unknown USB sticks in company computers exposing the organisation to data loss, corrupted files, viruses and malware;
- Adopting poor Password security making it easier for hackers to access sensitive information;
- Connecting your own devices (mobiles, tablets etc) to work computers thereby increasing the risk of systems being compromised;
- Using work computers for personal use, particularly where financial transactions (online shopping) are carried out;
- Other criminal tradecraft, including techniques used by ‘social engineers’ to elicit information from users.
- What are the consequences of Cyber Crime?– An explanation of the potential outcomes as a victim of cyber crime using case studies to demonstrate what happens. This session also focuses on the challenges victims face in recovery.
- Financial loss:
- Paying a ransom to recover or decrypt data;
- Organisational cost in recovery
- Lost revenue / sales
- Potential lawsuits
- Future growth plans at risk
- Reputational Damage:
- Lack of trust by customers;
- Increased likelihood of becoming a repeat victim
- Not quick or easy to resolve;
- Stressful, emotional impact as a victim;
- Potential investigations by the ICO;
- GDPR issues
- What do we do when we see something suspicious or think we may have become a victim?– Practical steps focused on what staff should do if they see something suspicious or believe they have been the victim of an attack or breach.
- Reporting internally;
- Reducing the likelihood of the risk spreading across the organisation
- How can we reduce our vulnerability? – A step by step practical guide on what staff can do to protect their business. Information used in the presentation is gathered from a variety of trusted sources, including NCSC, Action Fraud and Get Safe Online. A description and practical demonstration of some of the most reliable and trusted tools available to help provide additional levels of security.
- Best Practice:
- National guidance
- IoT / BYoD
- Password Managers
- 2 factor authentication
- Using VPNs for remote workers;
- Encrypting onward transmission of data;
- 3 stage anti-spam/malware filtering;
- Automatic patching of Windows and other applications
- Keeping up to date– A summary of helpful, reliable sources of information to keep staff aware of new trends.
- Where is the next threat coming from?– A summary of where the experts believe the next threats will come from and where potential vulnerabilities will be exposed.