Cyber security can be confusing, especially if you don’t understand the different phases used. Below is a brief list of the most common words and their definitions to have you talking like an expert in no time!
- Bad actorA hacker, hacktivist, foreign intelligence, employee (current or ex), industrial competitor or cyber criminal who has bad intent.
- VulnerabilityThe flaw, feature or item exploited to achieve the bad actors goal(s).
- FlawAn unintended vulnerability. These can be the result of implementation and can go undetected for a prolonged period and are often difficult to remedy.
- FeatureThis is an intended function or item of functionality that can be misused by an attacker to breach a system. Features may improve the user’s experience, help diagnose problems or improve management but can also be used by an attacker.
- Employee and UserA computer or system that has been carefully designed and implemented can minimise the vulnerabilities of exposure to the internet. Unfortunately, such efforts can be easily undone. Users are a significant source of vulnerabilities. They make mistakes like using easy to guess passwords, leave their device unattended and can be exploited or pressured in to divulging information, installing software or taking other bad actions.
- BreachThe successful intrusion within your perimeter by an actor.
- PerimeterThe exposed elements of your network, computers, software and systems.
- Attack surfaceThis includes the perimeter as well as real world targets such as your offices, users and users home devices. Any area that can have pressure or be attacked.
- VectorThe attack vector is the method of delivery or route taken to exploit a vulnerability and hit the attack surface. Typically resulting in a breach and access within the perimeter.
- PhishingInvolves sending large numbers of people emails asking them for sensitive information or access.
- Water holingTypically a fake website or compromised legitimate website used to exploit visiting users.
- ScanningMethodically attacking wide swathes of the internet at random.
- RansomwareAlthough typically not targeted this will often be used in a targeted attack which could include disseminating disk encrypting extortion malware.
- Spear PhishingIs sending emails to targeted individuals that could contain an attachment with malicious software, or a link that downloads malicious software.
- Bot NetSuitable for all types of attack this is a large network of unwittingly hacked computers and devices used in an attack like a DDOS (Distributed Denial of Service).
- Supply SubversionAttacking equipment or software during manufacture or delivery.
- DDOSDistributed denial of service attacks involve flooding servers or internet connected devices with information so as to overwhelm them.
- Dwell timeThis is the amount of time a breach goes unnoticed within the perimeter. In 2019 in EMEA this was 54 days.
As technology evolves the percentage of time we spend online is rapidly increasing- and that goes for our children too. Research by children’s technology firm SuperAwesome found that screen time went up by over 50% during the pandemic. Of course, some of this can be attributed to remote learning, but the remainder represents the general trend of the global population spending increasing amounts of time using the internet.
When it comes to children’s screen time, the main offenders in the streaming world are Netflix and YouTube (according to the same research), and in the gaming sphere, Roblox. Social media apps such as Snapchat, Instagram and TikTok are also incredibly popular, with many older children using these to stay connected with friends.
How can you be sure your child is safe online?
It’s impossible to monitor browsing 24/7 — particularly for older children and teenagers. But there’s some advice you can share with them, as well as some practical actions you can take to make their browsing safer.
Remind your child to never:
- Give out their password, name, address, school name or any personal/family information
- Agree to meet anyone in person that they’ve met online
- Fill in a profile that asks for their name and address without asking you
- Download or install anything on your computer without your permission
- Never accept an invitation from, or reply to, someone who is unknown — even if you have mutual friends!
- Don’t accept gifts or offers from brands or influencers
Finally, remind your child that if they’re in ANY doubt, always check with an adult.
It’s a good idea to have a chat about internet safety in general, explaining that people can be anyone they want to be online, and that ‘stranger danger’ exists on the internet too. Reiterate that if they’re talking to someone online who is making them feel uncomfortable, they can end the conversation, or ask an adult for help. This is particularly important for online games like Roblox, where users can ‘friend’ and chat with other users.
It’s also a good idea to warn against posting photos of themselves online and having the privacy settings on their accounts set so they’re not publicly viewable. It’s a difficult line to walk as a parent, particularly with older children, tweens and teenagers who may feel pressured by their peers to have various social media accounts.
Practical internet safety tips
It has become the norm for children to have laptops, smart devices and other smart devices before even reaching secondary school. As a parent you’re in an awkward position between looking out for their safety and not wanting to differentiate them from their friends.
One of the best ways to increase safety for your child online is installing a quality router with a filter. Examples include Circle or Google Wi-Fi. You can also set parental controls on a number of apps and browsers. The filter is hardware based, and something that Croft can provide.
After installing this hardware, you can monitor browsing activity 24/7, with the benefit of constant reporting and filters across devices. If your child is using a mobile device remember to leave the age filter in place and consider setting up either Apple Screen Time or Google Family Link. Both of these will allow you to manage the device and control what it can access.
Talking to your child about internet safety is important, but as a parent you need to put the effort in too.
If possible, restrict your child’s internet use to a device in a family room, so you’re aware of what they’re doing online. Again, this may be more difficult with older children who want their privacy and independence!
Google’s Be Internet Legends scheme is a fantastic initiative for parents and children, helping children to become internet savvy in a safe and confident way, through online games, downloadable resources for teaching internet safety, and more.
Finally, a word about cyberbullying. If you suspect your child is a victim of cyberbullying or ‘trolling’ online, it’s important to step in and act as soon as possible. This is as serious as any other form of bullying — sometimes worse as the victim can’t get away from the abuse, and it can have a devastating impact.
We’re spending more time than ever online, both for work and for recreation. As such, it’s more important than ever to be aware of the issues of data harvesting and how your personal data is being used online.
The biggest problem with data harvesting is that a small group of companies entirely dominate the industry. Users are utterly unaware (or utterly uncaring) of the risks of being exposed to the curated version of the internet that these data-rich big tech companies promote.
Your personal data’s journey
So, what do you understand by the term ‘personal data’? You might think of data as addresses and contact numbers, banking details, health records, and so on. This is correct, and data like this makes up the most sensitive information stored online.
However, it goes further. Your personal activity also counts as data. Think browsing activity, social media posts, location data, search-engine queries, even what you ask your Alexa or Google Assistant. This reveals a lot about you and is usually monetised in ways that personal details are not.
There are other kinds of data collection that you might not even know about. For example, did you realise that some companies analyse the way you type or use your smart device? Biometric data like facial recognition is also used to collect information, something that Facebook and Instagram were both in hot water over last year.
Sometimes data is given willingly by users, but too often people don’t understand the specifics of what is being given up when they tick a consent box. The finer details are part of a hard-to-read service agreement that’s often overlooked.
Many apps use your location to target you with custom advertisements, but they don’t make it clear that your data might then be sold to a third-party so they can analyse the local shops or businesses you visit.
You’ll be aware to an extent that you’re being tracked. After all, the same advertisement following you from web page to web page is a bit of a giveaway. But few people realise companies aren’t just analysing clicks, but also the exact movements of a user’s mouse.
The adage ‘nothing in life is free’ is a good one to bear in mind here. The way companies see it, you’re receiving something in return for your data being monetised, by getting to use their app or services (Facebook, Instagram, Google Maps, etc) for free. You’re essentially paying for the use with your personal data, which is then used to target you with ads, in an ongoing cycle.
The engagement issue
A huge issue in data harvesting is the way it can influence the way you behave online in social spaces too. A prime example is the curation of your social media algorithms, showing you a systematised feed.
This leads to users being stuck in a virtual ‘echo chamber’ that manipulates thinking and social interaction, promoting polarisation and radicalisation on certain topics.
Although it’s not a new problem online we’ve seen many examples of the damage this can do during the pandemic and the social and political upheaval of the past year.
Engagement is far and away the highest risk issue online today. Again, this is something that most people are blissfully unaware of.
Data gathering for security
In some cases, data gathering for behavioural insight is required for security. This leads to an issue where a careful balance needs to be struck, and extreme care needs to be taken over the safeguarding of data collected for this purpose.
A prime example is in the hospitality and leisure industries, with establishments collecting, storing and sharing (if required) customer data for use in ‘track and trace’ during the pandemic.
We fully believe that as an individual you have the right to decide how your personal data is shared, to retain control over said personal data, and to be confident that it’s being used ethically.
Organisations and institutions have the responsibility to ensure that they’re using the correct methods for handling, storing, processing and sharing personal data, and doing this in a way that’s compliant with regulations.
We’re here to help
At Croft, we’re committed to ‘doing it with care’. For us this means doing the right thing, because it matters — and we care about why it matters. When it comes to the privacy and security of our clients, we treat this with the highest priority, because it’s part of our mission to care for our customers, care for our company, and consider the impact of our actions.
We’re honoured to have the privacy and trust of our clients. If we sound like we could be a good fit to help with your business communications and technology, then please get in touch!
Croft are delighted to be joining forces with leading communications provider, P2C Communications.
P2C Communications are dedicated to providing customers with a white glove service, building an exceptional reputation for customer care alongside innovative and cost-effective telecommunication solutions. With a shared passion for service, together we will be able to offer customers a full range of communications solutions – from business phones, hosted telephony and connectivity, right through to managed IT provisions and cyber support.
“We are excited to be joining Croft and the additional capabilities this merger offers us, while being able to maintain our high levels of customer service. We will now be able to offer bespoke mobile phone services on all of the major networks with options for flexible handset purchasing & leasing, plus dedicated account management to support internal teams.”- Trina Dixon, Customer Service Director at P2C Communications
We look forward to welcoming Trina, Pete and team to the Croft family, expanding our presence across the UK with the retention of their Surrey based office.
Be the first to hear our latest news!
Keep up with all the updates from Croft by following us on social media:
As club sponsors, at Croft Communications, we are delighted to be supporting Berkhamsted Raiders CFC, helping them raise additional funds via our Grassroots Initiative.
How it works- 2 simple steps
- Redirect your existing business communications spend to Croft’s cutting-edge telecoms and IT support services, increasing business efficiency, productivity and profitability.
- Croft then immediately inject a % of the cash you spend back into the club!
This could add up to a sizeable donation in the hundreds – or even thousands, every year. An enormous impact on Berkhamsted Raiders fundraising efforts.
No effort or hassle – Croft take care of everything
- You secure a regular revenue stream for your local sports club, used to fund improved equipment and kits, repairs, new stands, clubhouse facilities and more
- You give back to your local community and improve your businesses Corporate Social Responsibility.
- You take advantage of Croft’s full range of innovative telecom products and services
- You get better solutions to improve your communications systems AND save money.
Where do I sign?
The world of cyber and IT can be a complex place and often confusing for businesses trying to manage the best systems and procedures to put in place.
Following on from our Cyber Essential series, our next set of webinars look at how you can get more from the systems you already use. Each power half-hour, will give you the tools and information you need to increase your team’s productivity and start using your programs like a pro.
Texts, tasks and tracks with Excel superpowers
Thursday 5th May- 10am- 10:30am.
Monday 9th May- 1pm-1:30pm.
Excel is much more than spreadsheets and data. In this 30-minute session we will give you the tools and knowledge to automate texts, create tasks and track all within Excel!
Microsoft 365: The apps you didn’t know you had!
Wednesday 1st June- 10am-10:30am.
Tuesday 7th June- 1pm-1:30pm.
Did you know you have 100’s of apps available to you via Microsoft 365? We’ll go through the top apps available to you, how to add them to your set up, and how to make the system work harder and more effectively for you.
Missed our Cyber Essentials sessions? Watch now on our YouTube channel.
Croft are delighted to announce that we have joined forces with Wardman UK, specialists in cyber resilience, security, and ICT services.
Formed in 2009, Wardman UK provide customers complete peace of mind by offering expert support and protection across all IT, telecoms, and software platforms. Building an exceptional reputation for first class customer service, Charles Wardman and the team will be joining Croft as part of the merger and rolling out our Cyber and Managed Service platform to our 4,000 clients.
“I’m excited to be joining Croft and the benefits this merger brings. By combining our skills and services we will be able to provide a more comprehensive offering to all our customers, while maintaining high levels of support and care.” Charles Wardman, Director of Cyber & Managed Service Provision
“As part of our continued expansion in ICT products and services, this partnership increases our technological and cyber skills, enabling us to offer a greater range of best-in-class services to our customers. With their extensive experience and knowledge in cyber essentials, and cyber incident response, we are delighted to be welcoming Charles, Mark and Christopher to the Croft team.” Mark Bramley, Croft CEO
Watch this space!
For webinars, introductions and cyber opportunities and exciting new services and products. Keep up with all the updates from Croft by following us on social media: