eHealth NSW’s Post

New government figures show most medium and large organisations have suffered a cyber security incident over the last 12 months. Businesses are making progress with their cyber resilience, but there’s more to do. 🖥️ A draft Code to help leaders toughen up cyber protections 🛡️ Working with National Cyber Security Centre to provide free tools and staff training 📈 Awarding Cyber Essentials certificates to organisations that have vital controls in place 🎓 Upskilling the workforce so organisations have the skills they need to protect themselves 🔒 Protecting businesses and consumers by introducing a raft of new measures to boost the security of ‘smart’ products with internet connectivity See the latest cyber security figures: https://lnkd.in/ecCybuA2 @scitechgovuk

For all my connections in the Education space, the below government update is definitely worth a read with regards to cyber security.

The government has updated cyber security standards in Schools and Colleges. The new cyber security standards contain the same key information that the previous cyber security standards held, but the format of this has changed to make them more accessible to staff without cyber expertise. The updated guidance covers the following points: 1. Conduct a cyber risk assessment annually and review every term. 2. Create and implement a cyber awareness plan for students and staff. 3. Secure digital technology and data with anti-malware and a firewall. 4. Control and secure user accounts and access privileges. 5. License digital technology and keep it up to date. 6. Develop and implement a plan to backup your data and review this every year. 7. Report cyber attacks. If you'd like to read the updated government guidance (and we strongly suggest that you do), it is available here: https://lnkd.in/e5faYHw6 If you need assistance in meeting these updated guidelines, please get in touch. Our experts can discuss your cyber security strategy with you, and then make recommendations to ensure you're fully compliant. #edtech #cybersecurity #school #technology #advice #guidance #college

Our sister company Simplify IT Solutions Ltd have just posted this regarding the Government's updated Cyber Security standards in Schools and Colleges. Any Schools or Colleges that are concerned with cyber security compliance, or just want to chat cyber security & safeguarding strategy, get in touch. We can help. #edtech #cybersecurity #school #college #technology #safeguarding

𝗣𝗲𝗼𝗽𝗹𝗲 𝗰𝗼𝗻𝘁𝗶𝗻𝘂𝗲 𝘁𝗼 𝗯𝗲 𝘁𝗵𝗲 𝗯𝗶𝗴𝗴𝗲𝘀𝘁 𝗰𝘆𝗯𝗲𝗿 𝗿𝗶𝘀𝗸 𝗳𝗮𝗰𝘁𝗼𝗿 𝗶𝗻 𝗯𝘂𝘀𝗶𝗻𝗲𝘀𝘀𝗲𝘀 A key takeaway from Zero Trust World 2024 is that despite advancements in technology and security measures, people remain the primary risk factor in cybersecurity for businesses. Here's how: • Human error, negligence, and susceptibility to social engineering tactics such as phishing emails, remain significant vulnerabilities. • Even with training and awareness programs, employees often fall victim to scams or inadvertently compromise security protocols, leading to data breaches and financial losses. • Moreover, malicious insiders pose a persistent threat, exploiting their access privileges for personal gain or malicious intent. As businesses increasingly rely on digital infrastructure, addressing the human element in cybersecurity remains a critical challenge, requiring ongoing education, stringent policies, and continuous monitoring to mitigate risks effectively. . . . #KickAssITPeople #AwardWinningMSP #ExperaIt #Cybersecurity #IT

Reasons to be cheerful – cyber security in the UK The UK government has recently published the wave three results of its Cyber Security Longitudinal Survey. The purpose of the survey is to investigate the change over time in organisations’ cyber security policies and processes. The UK government has also recently published the results of its 2024 Cyber Security Breaches Survey which aims to provide a comprehensive description of cyber security for a representative sample of UK organisations.    Despite their different emphasis, there is common ground in the results: ·      Two types of activity dominate organisations’ experience of cyber security incidents: phishing and people impersonating the organisation in emails or online.  ·      Most cyber security incidents only rarely cause a material loss and where there are material consequences, they tend to be short-term.  ·      The most common cyber threats are relatively unsophisticated and can be managed by a set of basic controls that most, though by no means all, organisations have in place - patch management and user monitoring being the technical controls that organisations are least likely to have implemented. So, what can we glean from this? While on the one hand there is no justification for complacency, neither is there support for the doom-mongering favoured by some sections of the cyber security community. Have a good day. #cybersecurity #informationsecurity

With 95% of cyber security breaches a result of human error, cyber security training is fast becoming an essential for all businesses. Training doesn’t have to be onerous, just consistent. Here are some of the core benefits: 🔍 Spot Threats Early: Learn to spot and stop phishing, malware, and other risks. 🚫 Reduce Human Error: Reduce breaches with proper data handling training. 📜 Stay Compliant: Keep up with regulations and avoid penalties. 💪Empower Employees: A trained team is your best asset in cyber defence. Enhance your team's skills with our FREE cyber security training! Find out more here: https://lnkd.in/gNrWp3Kw #Cybersecurity #OnlineSecurity #AwarenessTraining

I am pleased to have completed Wizer Level 2 Cyber Security Awareness Enablement, Thanks #rededucation for upskilling. Quick highlights below. Awareness The more we share about ourselves online the easier it is for criminals to personalize scams to make them more believable. Even if a message comes from the IT department asking you to take action against security protocol, call and verify. Avoid using personal email to get around technical difficulties just to complete a task. Ask your security team for a solution. Don’t try to fix the issue yourself or delete the email/message as the security team may need it to investigate further. There are several ways to report an incident - use the ‘Phishing Report’ button, send an email, or call your IT team directly. The earlier a security concern is reported the better the chance the security team has to minimize any potential damage. Cybercrime has become so advanced that people only stand a chance if they are aware but it is possible

Did you know: Implementing multi-factor authentication (MFA) is a crucial step towards safeguarding your online services and sensitive data from malicious actors? MFA involves using two or more authentication factors to verify a user's identity, such as something they know (like a password), something they have (like a security key), or something they are (like biometrics). By adding this extra layer of security, MFA makes it significantly harder for cybercriminals to gain unauthorised access. But not all MFA methods are created equal. Phishing-resistant methods, such as security keys or biometrics, offer greater protection compared to traditional methods like SMS messages or emails, which are more susceptible to attacks. In our online Cybersecurity fundamentals membership course, we delve into the importance of MFA, different authentication methods, and best practices for implementation. Learn how to maximize the effectiveness of MFA and minimise vulnerabilities within your organisation's security infrastructure. Don't let cyber threats compromise your organization's data integrity. Take proactive steps today with robust multi-factor authentication. https://lnkd.in/gqVFHB6r #cybersecurity #mfa #multifactorauthentication #dataprotection #cyberdefense #aics #onlinesafety #phishing #pharming

Hey Everyone! As we all are in the digital age, its necessary to stay informed about various cyber crimes that can affect individuals and organisations. Cybersecurity is the protection to defend internet-connected devices and services from malicious attacks by hackers, spammers, and cybercriminals. Security awareness guidelines include not opening suspicious emails from unrecognized senders, not clicking on suspicious links in emails or on websites, not opening attachments in emails, not disclosing information, and not responding to suspicious emails or contacts provided therein. "Cybersecurity is paramount in today's digital landscape. With threats evolving constantly, staying proactive is key. Emphasize employee training, implement robust security protocols, regularly update software, and invest in advanced threat detection technologies. Stay vigilant, stay secure⚠️ Thanks to prof.Chandrika Bagepalli Krishnan for giving this project. Where I got to know about many cyber crimes. And stay aware and create awareness. #cybersecurity #cyberAwareness #staysafeonline❗️