People are our greatest asset but could be our greatest liability, especially when it comes to keeping our systems secure. Thankfully, we haven’t been replaced with robots (quite yet), so we need to ensure everyone remains vigilant. Cyber education is a great place to start.
Lugo clients can click on the following link to access our Lugo Learning portal and work through our Cyber Security videos. With people working remotely, this is a great way to increase cyber education across your team.
Our Lugo Learning portal uses Single Sign On (SSO). Click on the Sign in with Microsoft link on the right-hand side and enter your Microsoft credentials.
Included in your Lugo support package are over 800 bite-sized training videos including Remote Working, Microsoft Teams, Microsoft 365, Word, Excel, PowerPoint & Outlook, SharePoint, Cyber Security, Mental Wellbeing, Leadership & Management, Selling Skills, Customer Service and much more.
They get right to the point of learning. That means you learn what you want, when you want and where you want. These videos could be used as part of your induction process and as part of ongoing How To, training and learning.
Phishing, vishing and smishing
Recent statistics from the Infoblox’s 2023 Global State of Cybersecurity Report, show 81% of organisations experienced a phishing attack within the last 12 months, with 60% of successful data breaches also including phishing as part of the attack.
Chances are you, or one of your colleagues, have seen one, if not fallen victim to one in the past. This is where scammers send fake emails asking for sensitive information (such as bank details) or containing links to bad websites. A common one to watch out for is asking you to enter your Microsoft account credentials into a screen that looks very similar to the real thing. You should always check the email address and full hyperlink of a message that asks you to click a link or download an attachment. If you have our Secure Cloud support package, this incorporates Microsoft Defender which includes:
- Safe Links This helps protect your business against malicious sites when people click links in Microsoft apps. When a user receives an email with links, the links will be scanned. If the links are deemed safe, they’ll be clickable. However, if the link is on the blocked list, users will see a message that it’s been blocked.
- Safe Attachments Provides an additional layer of protection for email attachments by using a virtual environment to check attachments in email messages before they’re delivered to recipients (a process known as detonation).
- Anti-phishing protection Detects attempts to impersonate your users and internal or custom domains. It applies machine learning models and advanced impersonation-detection algorithms to avert phishing attacks.
Vishing is a term coined from two words: voice and phishing. It refers to threats that come from a fraudulent call following information obtained from a phishing attack. The cyber criminal then needs a password or token to validate an operation and will call on the phone claiming to work for a bank or other organisation to gain the password or token.
Smishing is a text message form of phishing (SMS) and a variant of a phishing attack.
Cyber training should be an ongoing process including running simulated phishing attacks. Simulated Phishing attacks will become mandatory due to changes in Cyber insurance requirements.
Lugo can provide this service as part of your ongoing support contract.
Gone are scheduled password changes, to be replaced with only changing passwords if there’s been a suspected compromise. Everyone should abide by your firm’s password policy which should now recommend a longer passphrase. Longer passphrases, even consisting of simpler words or constructs, are better than short passwords with special characters. Logins and passwords should never be shared. You could make use of a password manager tool to store complex passwords. Please see the matrix below for details on how secure your password is:
Multi factor Authentication (MFA)
Based on Microsoft studies, your account is more than 99.9% less likely to be compromised if you use multi factor authentication (MFA). Multi factor authentication is free and our first line in cyber defence. This should be used where possible. Please see our MFA article for further details.
Free Dark Web Scan
Lugo can also protect your business against credential exposure by monitoring business and personal credentials, including domains, IP addresses and email addresses.
For a complimentary Dark Web scan (normally £150) to identify how many of your business credentials have been compromised please click on the button below.