Vector
Vector

Choose your topics

Blogs
What is Risk Management in Cybersecurity?

Let’s explore the essentials of risk management in the context of cybersecurity to help you understand how to identify, assess and mitigate cyber threats effectively.

Cyber Risk Management Enterprise Risk Management
Blogs
3 Best Practices for Data Privacy

With more technology comes more data, and with that a greater need for data privacy enforcement. What best practices should you be following?

Data Privacy
Blogs
How to Prioritize Your Third-Party Risks

How can you prioritize effectively and enhance your organization’s security posture? Here are our top tips for setting up realistic, sustainable processes.

Third-Party Risk Management GRC
Blogs
Top Tips to Save Time When Assessing Third-Party Risks

Is assessing third-party risks taking up too much of your time? How can you make the process more effective and efficient? Find out in the latest post from SureCloud.

Third-Party Risk Management GRC
Blogs
The GRC Trends to Look Out for in 2024

Our GRC experts at SureCloud share their 2024 predictions for the world of governance, risk and compliance.

GRC
Blogs
The Top 5 Challenges of Third-Party Risk Management

With the supply chain now seen as a legitimate attack path, what can your organization do? Let’s explore 5 challenges of TPRM and how to overcome them.

Third-Party Risk Management GRC
Blogs
What is Third-Party Risk Management?

What is third-party risk management and how should you approach it? Find out in this post.

Third-Party Risk Management GRC
Blogs
Questions You Should Ask when Preparing For Your First Pen Test

Understand the processes that you and your chosen pentest provider will travel through for your first pen test, from the initial point to the day the test starts.

Penetration Testing
Blogs
TPRM Blog 6-Writing Clear Questions

Our GRC Practice Director explores the importance of clear communication and how to achieve it in your third party questionnaires. Read more here.

Third-Party Risk Management GRC
Vector (7)
Vector-1
Cyber Security

SureCloud Responds to SC Media's Article on £1B Social Media Crimewave

SureCloud Responds to SC Media's Article on £1B Social Media Crimewave
Written by

Admin

Published on

3 Jul 2019

SureCloud Responds to SC Media's Article on £1B Social Media Crimewave

 
 

SC Media’s article “The £1 billion social media crimewave that has enterprises blindsided” reports on newly published research revealing massive blindspots in the defense strategy of the average enterprise: social media-enabled attacks.

The Bromium report, “Web of Profit: Social Media Platforms and the Cybercrime Economy,” states that with one in five enterprises infected by malware originating from social media, and one in eight experiencing a breach following a social media directed attack, the scale of the threat is not to be underplayed. In the UK alone, reported social media-enabled crime has quadrupled between 2013 and 2018. Globally, the research finds, the criminal fraternity is earning a staggering £2.4 billion (US$ 3.35 billion) every year.

Research at CensorNet concluded that nearly a quarter of people admitted to using social messaging apps like WhatsApp, Telegram and even Facebook Messenger to share work documents, which is often overlooked by security teams. But with social media being an essential tool to businesses, banning employees from social media to reduce the risk of these malware attacks is ‘totally impractical.’

SureCloud’s Senior Cybersecurity Consultant, Mark Wardlow, responds to the SC Media article, and discusses how both organizations and employees can best protect themselves against these types of attacks:

How do enterprises typically become victims of social media enabled cybercrime?

Enterprises can become victims in several different ways. Often attackers will use information gained from social media platforms to construct a profile of the organization and its structure which includes names of staff, and their managers. This information is then used to target individuals with a convincing back story that will be used to either extract money directly or further their insight into the company. Other cases have occurred where corporate secrets or damaging beliefs have been expressed via social media platforms which subsequently reflect poorly on the organization.

How can enterprises best mitigate the impact of social media enabled platform cybercrime?

The best defense lies around educating users on the dangers associated with a social media presence, and ensure one-to-one staff reviews include an element discussing this. A popular tactic used by teachers to avoid students discovering their social media accounts is to use an alternate name, or middle name rather than their full name. This isn’t fool-proof, however, and the best defense is always to be aware of what is available to the public on your social media account, ensure care and consideration is used when posting, and beware of accepting invites from users who are unfamiliar.

 

You can read the full article here

Learn about SureCloud’s Cybersecurity Services