RS Risk Solutions Favicon

CYBER RISKS AND LIABILITIES JANUARY AND FEBRUARY 2024

Cyber-security Trends for 2024.

In todays rapidly growing digital age, cyber threats and attacks are becoming more intelligent. It is vitally important to use cyber-security tools and training to prevent your organisation from falling victim.

Rather than waiting for the attack to happen and then taking action, it is recommended to be proactive in order to spot cyber-threats early. The following are cyber-security trends all businesses should be aware of to protect themselves in the upcoming year:

  • AI-powered threats and defenses—Cyber-attackers are expected to leverage artificial intelligence (AI) and machine learning to launch more sophisticated attacks. AI-powered attacks will range from deepfake social engineering attempts to automated malware that adapts intelligently to evade detection. On the other side, cyber-security professionals are using AI to detect and respond to threats more effectively.
  • Ransomware attacks—Ransomware, a malware attack that blocks IT system access until the victim pays a ransom, is a concerning threat that shows no signs of abating. In 2024, expect even more sophisticated ransomware attacks to continue. Organisations will need robust cyber-security measures and employee training to avoid these attacks.
  • Next-level phishing attacks—Generative AI tools (such as ChatGPT) enable more attackers to make smarter, more personalised approaches, and deepfake attacks will become even more prevalent in 2024. The best response to this includes organisation-wide awareness and education, although AI tools and zero trust will likely play increasing roles.
  • Internet of things (IoT) cyber-attacks—With many employees now working remotely, there is an increased risk posed by these workers connecting or sharing data over improperly secured devices. This will continue to be a cyber-security weak spot in the upcoming year.
  • Cyber-security workforce shortage—There is a shortage of cyber-security professionals across all industries. Businesses will need to invest in training and retaining talent, and consider outsourcing their needs to professionals.
  • Supply chain risks—The supply chain has become an attractive target for cyber-criminals. Organisations will need to protect their networks from third-party vendors as well as internal access.

For further information on cyber-security trends for 2024, contact us today.

 

Reducing Cyber-risks in Public Spaces

Many remote workers like to work in places that offer free Wi-Fi. Using these free Wi-Fi hotspots is convenient, but these networks aren’t perfect and could leave your business vulnerable to cyber-attacks.

The following are some measures your company can take to enhance cyber-security when permitting employees to use public Wi-Fi:

  • Require employees to use the organisation’s virtual privacy network (VPN) when they are in public places.
  • Research secure mobile hotspot options and let your employees know what these are.
  • Advise employees how to position themselves to make it difficult for someone to look over their shoulder.
  • Recommend that employees use a screen protector to blacken the display for everyone but the user.
  • Tell employees not to rely on strangers to monitor their belongings while they’re away, such as when ordering a beverage or using the toilet.

Employees should also ensure they log out of any services they were using. Additionally, they should make sure their device settings will not automatically reconnect to that network again. This can help minimise the time their device is connected to a public network.

Contact us today for more cyber-security resources.

 

Understanding the Cyber-security Risk of QR codes

Quicl response (QR) codes are a popular marketing, sales payment and customer service tool for several businesses. However, as QR codes have become more prevalent, criminals have found ways to use them in phishing attacks and to spend malware.

Since legitimate QR cades appear as a random scramble of pixels within a larger square, it can be difficult to differentiate between safe and malicious ones, Additionally, QR codes may be standalone images, so they may not be accompanied by telltale signs of malicious activity (eg misspellings or suspicious links).

As cyber-criminals increase their use of QR codes, businesses need to mitigate the risks associated with them. Strategies include the following:

  • Provide continuous education to employees on the latest cyber-threats and dangers connected to QR codes.
  • Carefully examine QR codes to ensure they were not tampered with or altered before scanning them.
  • Be cautious when scanning QR codes and double-check the web address of the site they are directed to.
  • Install security software with content filtering that inspects links and attachments and blocks access to suspicious items.
  • Maintain strict access controls to limit damage from malicious actors if they obtain login credentials.
  • Utilise multi-factor authentication systems to add a layer of protection to business systems in case employee passwords or credentials have been compromised.
  • Advise employees not to scan QR codes if they are unsure of their origin.
  • Keep all devices updated and patched.
  • Disable automatic QR code scanning on devices.
  • Review default settings and permissions regarding the sharing of sensitive information.
  • Train employees on how to safely use their technology in a bring-your-own-device environment.
  • Reduce the use of QR codes in electronic business communications to discourage cyber-criminals from using them to target customers.

Businesses can protect themselves and their customers by adopting actions such as using a reputable QR code generator, customising the QR code to include the company’s branding, testing the QR code before distribution and ensuring the linked website is strongly encrypted and has visible indications of SSL protection.

For additional cyber-security resources, contact us today.

Legal Specific Disclaimer:
The following information is not exhaustive, nor does it apply to specific circumstances. The content therefore should not be regarded as constituting legal or regulatory advice and not be relied upon as such. Readers should contact a legal or regulatory professional for appropriate advice. Further, the law may have changed since the first publication of this information.

Add to my favourites

Speak to us

RS Risk Solutions Logo

Related Articles

SUBSCRIBE TO OUR NEWSLETTER

Registered office: 2 Windsor Mews, Crown Drive, Heathfield, East Sussex, TN21 8FP. Registered in England and Wales, No. 11899365.

RS Risk Solutions Limited is authorised and regulated by the Financial Conduct Authority. FRN 843988

We are an independent insurance broker regulated by the Financial Conduct Authority and operate in the UK, predominantly in London and the South East, Surrey, Kent, East Sussex, West Sussex.

Quick Links

Policies

Get Support

RS Risk Solutions Logo

Request a callback

By providing the above information you consent to RS Risk Solutions Limited contacting you by any of the methods that you have provided details for. We will process this information in accordance with our privacy notice.

RS Risk Solutions uses cookies to monitor the performance of this website and improve user experience. To find out more about cookies, what they are and how we use them, please see our privacy notice, which also provides information on how to delete cookies from your hard drive.