By Jim Wheeler, Director Cyber Operations
Have you ever sent an inadvertent email to someone? It’s like the next generation of pocket dialling error. You are halfway through an email on your phone when the train carriage hits a bump, thumb slips, and whoosh! Your email is off, half-baked, to its intended recipient. Add sensitive data to the mix and the effects can be life changing.
In September 2015, a sexual health clinic in the UK sent out a group mailshot to 730 of its 780 registered email addresses but entered their email addresses into the "To" field and not the "BCC" field. The data leak meant that all recipients saw all the email addresses which unfortunately led to great upset and understandable distress.
Once a leak like this is out there is no going back. No Ctrl Z, no "it will blow over". The subsequent fine by the Information Commissioners Office (ICO) was £180,000. These information leaks are digital which means they are a perfect replica of data which can be stored forever with no degradation.
So what could they have done differently? Here are just two areas that could help and aren’t cost prohibitive.
The devil is in the detail
Ensure the correct type of policies and procedures are in place for each mailshot. This might not sound very exciting but believe me, this is the nuts and bolts of making sure we keep sensitive data secure.
Education for all
Employees from board to workforce, need to be educated on the threats and risks of cyber security. Not every data breach is down to a hooded teenager in a dark room with a green computer screen.
Don’t know where to start tackling these issues? Need assistance in securing your data, networks and business? Contact PGI. Our cyber specialists are passionate about education and improving your cyber security.
Some solutions are more affordable than you might think. Education could have helped to avoid that £180,000 fine for example.
A great place to start is http://pgicyberacademy.com/courses/executive-cyber-awareness/
Your free Global Geopolitical Dashboard
PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.
The Risk Portal gives users up-to-date information and analysis on global affairs.
The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.
Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.
Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.
Subscribe to our Cyber Bytes Newsletter
Keep yourself in the loop with PGI by signing up to our Weekly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.