<img alt="" src="https://secure.refl3alea.com/149779.png" style="display:none;">
it-blog.png

      Recommended Blogs

      • Sprout Sessions - UK Legal - Cyber Security Early Adopters

        Watch the recording of our webinar on the 18th June 2020.   

        Read More
      • Data security planning for legal firms

        Data security is important for any business but, for legal firms, the safe storage of digital information is critical.  

        Read More
      • Legal business continuity checklist - everything you need to know

        The COVID-19 pandemic has thrown many businesses into having to conduct business in ways otherwise unthinkable just a ...

        Read More
      • Phishing attacks during the Covid-19 Crisis

        There have been many unfortunate occurrences since the emergence of the COVID-19 crisis.  

        Read More
      • Cyber resilience and the UK legal sector

        Legal firms, large and small, are very attractive targets to cyber-attackers for a number of different reasons, the ...

        Read More
      Cyber Security – what to watch out for in 2020
      BY Ian Bernhardt

      Mobile, AI and cloud will continue to be exploited by criminals this year as awareness of these risks is not a common practice across organisations. The lack of cybersecurity skills in house, awareness, education, changes to systems along with the growth and development of software are the key areas criminals will be exploiting.

       

       

      Here is what I believe the year ahead in cybersecurity has in store for us:

       

      Mobile phones

      Phishing on mobile devices will become more common place and will ultimately lead to corporate attacks as personal mobile devices are often overlooked by large organisations. Personal devices don’t have the same secure gateways, firewalls and phishing prevention that your business has in place.

      Key areas of mobile device attack may include but not limited to:

      • Sim swaps or cloning
      • Personal email
      • Social networking apps
      • Secure messaging apps
      • SMS/MMS

      Digital image of womans eye. Security concept

       

      MFA is the new 2FA

      Authentication will move from two-factor (2FA) to multi-factor (MFA), including biometrics. Most companies have implemented one-time authorisation codes to provide 2FA, 2FA has been circumvented in advanced phishing attacks To protect against credential theft organisations should consider adopting MFA and biometrics using mobile devices. This strengthens authentication and improves user experience and reduces the risk of mobile device causing security risks to the business.

       

      Ransomware

      Organised criminals will move from banking trojans and instead focus on smaller ransomware attacks which are easier to anonymise, easier to exploit, and require a less targeted and organised attack.

       

      5G Network

      UK adoption of 5G infrastructure will become a big part of the technology advances in 2020. This will give rise to an increase in new computing capabilities and a host of new connected devices. This will highlight existing issues such as authentication, confidentiality, authorisation, availability and data security of mobile devices.

      Now is the time to review the risks BYOD brings to your organisation and in the future.

       

      Legacy Operating Systems (OS)

      These will pose an even greater risk to organisations globally

      Support for Windows 7 will cease in 2020 meaning Microsoft will stop patching and updating the OS even when if a significant security vulnerability is found.

      Cyber criminals will be exploiting these vulnerabilities to gain access to companies’ systems and data, similar to the incidents we saw when windows XP went end of life. In some cases, IT professionals have reported encountering and supporting even older OS’s.

       

      Licencing of new software and Operating systems will outweigh the financial costs of a serious data security incident so spend the money and reduce your risks

       

      Social engineering

      Social engineering attacks on employees will become more common place as the increase in organisation security and awareness makes it more difficult and costly to circumvent.

      The human factor is still the biggest weakness in any organisation, and this will continue to be exploited.

       

      Insider threats

      Hackers and cyber criminals may offer large amounts of money to insiders to gain access to valuable information. The amount offered is dependent on the insider’s position and level of access within the organisation and type of data that they are trying to access. Recruiting insiders has previously occurred via blogs or forums offering money for information and quire often through blackmail.

       

      As a result, attacks on users in order to obtain compromising data are predicted to increase.

       

      Achieving cyber resilience in your practice or chambers in 2020 with Sprout

      To speak with one of our team about cyber resilience challenges and opportunity in the New Year and beyond, please call Sprout IT today on 020 7036 8530 or email us.