Why you need to know all the cloud services that your organisation uses – part 2 – (US DoD Nuclear Secrets!)

31 May 2021 | News, Security

People are the weakest link

This sounds like a nightmare too impossible to happen. US soldiers putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’

It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn. Even worse, their settings were on ‘public’ not ‘private’

It’s a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our new KARE for Security S2 plan helps identify use of these sites in your organisation.

US Soldiers Accidentally Leaked Nuclear Weapons Secrets: Report (gizmodo.com)

Shadow IT

Shadow IT is one of the largest threats to data privacy in organisations today.

It’s not necessarily because these sites are going to be hacked, although that’s always possible, but just because if you don’t know the tools are in use, then there is no way that you can manage them!

The first step to maintaining this data is to identify it! That’s why you need new tools that are cloud focused. If you’re still using the same old security tools that you used to use prior to the cloud, then you are not keeping up and we need to talk!

Urgent – “Zero Day” exploit 9 Sept 2021

Urgent – “Zero Day” exploit 9 Sept 2021

Today's news is full of stories about increased cyber-threats in NZ - Cyber attacks against Kiwibank, ANZ, NZ Post, MetService - experts see lockdown link - NZ Herald We've seen several days of issues caused by these "DDOS" attacks.   Overnight, another...

Have you heard about “typosquatting”?

Have you heard about “typosquatting”?

"Typosquatting" is the name given to criminals pretending to be someone they aren't - taking a domain name that uses a clever combination of legitimate-looking original sender email addresses, with spoofed display sender addresses that contain the target usernames and...

Cyber-war Seminar

Cyber-war Seminar

Stories from the Cyber-war The simple reality is that cyber-crime is now a mega-business.  The cost and effort to combat it grows all the time. "Is it worth it?"  Good question.  Every organisation needs to choose a level of security and resulting cost, effort and...

Pretending to be you or your colleagues

Pretending to be you or your colleagues

Just because it seems safe, doesn't mean it is. On some emails, you might see a warning that marks them as being ‘external’. This gets added as the email comes into your organisation. The idea is a simple one – if you see an email marked as external, then you will be...

Avoiding ad trackers when you browse the ‘net

Avoiding ad trackers when you browse the ‘net

Your own personalised stalker It always seemed slightly creepy that your computer shows advertising that is strangely accurately targeted at things you might have been interested in.  On the surface, that seems quite useful.  If you have to tolerate ads on your...

Phishing emails are getting smarter every day

Phishing emails are getting smarter every day

n the old days (ie last year!!), a dodgy email had a whiff to it – there was something that triggered your subconscious. That’s because some phishing emails were really badly written with terrible English.  But others just had a sniff about them- something that made...