Voice over Internet Protocol (VoIP) phishing, a technique that involves manipulating VoIP technology to trick users into giving up sensitive information, has become a favored tool in every cybercriminal’s arsenal. But why is this so? Let’s take a look at the reasons scammers choose this nefarious activity over other schemes. By unraveling why VoIP attacks […]

Social media platforms like Facebook and Twitter are a great way to stay connected with friends and family, learn about new things, and share your thoughts and ideas. However, it’s important to be aware of the privacy risks associated with using these platforms, including the collection of personal data. By taking some simple steps, you […]

From social media accounts to online banking to business emails, passwords are the key to keeping your digital life safe. Yet, most people do not give much thought to creating strong passwords. In fact, many people use generic passwords such as their mother’s maiden name or their birthday, making them easy targets for cybercriminals. This […]

The digital realm is teeming with risks that can compromise business data. Thankfully, a variety of tools and technologies are available for your company to fortify its cybersecurity. Two-factor authentication (2FA) and two-step verification (2SV) are among the most effective methods for bolstering your defenses against attackers. 2FA and 2SV are often used interchangeably, but […]

Cyberattacks are becoming increasingly sophisticated, making it crucial for business owners to proactively safeguard their sensitive information. One powerful method that can significantly enhance your cybersecurity strategy is performing an IT security audit. This article will talk about how IT security audits can bolster your business’s defenses against cyberthreats and provide you with peace of […]

Small and medium-sized businesses (SMBs) often face challenges in protecting their IT systems from cyberattacks. One of the most important steps that SMBs can take to solve such issues is to be aware of the most common ways their systems can be breached. Here are five ways that SMBs’ systems can be breached. You are […]

Cyberthreats are constantly evolving, and without adequate protection, businesses can fall victim to data breaches, financial losses, and reputational damage. Understanding basic cybersecurity terms is crucial for safeguarding company assets and sensitive information. Here are some essential cybersecurity terms that every business owner should be familiar with to strengthen their organization’s security posture. Malware Malware […]

Have you heard the saying, "A picture is worth a thousand words"? It seems cybercriminals have too, and they're using it to their advantage.

In a new twist on phishing campaigns, cybercriminals are luring victims to click on images rather than downloading malicious files or clicking suspicious links.

In this the second of our three-part blog series, we will go into detail about the first three of the five Cyber Essential controls. We will also look at how to implement and maintain them to ensure compliance with Cyber Essentials.

We briefly mentioned the five controls in our last piece, but here they are again in a nutshell:

The five controls

1. Anti-Malware measures

2. Patch management

3. Firewalls

4. Applying Access Controls

5. Secure Configuration

The Cyber Essentials objective

Cyber Essentials was created with this aim in mind: ‘To prevent harmful code from causing damage or accessing sensitive data’. This is achieved by restricting the execution of known Malware and untrusted software.

Introduced in 2014, Cyber Essentials is a government-backed scheme that was created to help businesses to protect themselves from common cyber threats, thus protecting their data, ensuring compliance and avoiding damages and losses to information and reputation.