Many small businesses make the mistake of assuming that they are not at risk from cybercrime. This is usually due to the fact that they believe their size means it is unlikely they would be a target for cyber criminals. While it may be true that hackers more readily hit the headlines for their crimes […]

SMEs cannot afford to neglect proper data security practices in the workplace, especially since the introduction of GDPR in May. A recent report by the Zurich SME Risk Index found that 1 in 6 UK SMEs had been affected by cyber attacks in the past year, costing many of those impacted thousands of pounds. Despite […]

Many of us have concerns about the use of technology, its security and the effects of breaches on business. But are our fears well founded or are we paranoid?    At Avast, we asked small business owners and employees about their current concerns on a number of topics: from hacking and ransomware to mobile security and […]

When cyber-attacks and data breaches hit the news, they invariably involve the largest businesses or national institutions like the NHS. But this doesn’t mean owner managed businesses (OMBs) are not under threat too. Every OMB, regardless of size or industry sector, is at risk. Our latest research, entitled “Here, there and everywhere: the cyber threats facing OMBs”, […]

Cybercrime is an ever-growing risk that threatens both individuals and businesses around the world. Earlier this year, we consulted a panel of cybersecurity experts to find out about the biggest cyber threats that small businesses face in 2017 who cited ransomware as one of the top three threats. The extent of organisations’ vulnerability has been further highlighted […]

Guidance for enterprise administrators who want to reduce the likelihood of being held to ransom by WannaCry (or other types of ransomware). Created:  14 May 2017 Updated:  17 May 2017   The NCSC are aware of a ransomware campaign relating to version 2 of the “WannaCry” malware affecting a wide range of organisations globally.  NCSC are working […]

Next gen firewalls (NGFWs) are deep packet inspection firewalls which provide a level of network security that surpasses the capabilities of traditional firewalls by moving beyond port/protocol inspection. Firewalls provide an essential function in acting as a gatekeeper for the traffic that flows through our networks. They can grant access to certain traffic and refuse […]

Regular password expiry is a common requirement in many security policies. However, in CESG's Password Guidance published in 2015, we explicitly advised against it. This article explains why we made this (for many) unexpected recommendation, and why we think it’s the right way forward. Let’s consider how we might limit the harm that comes from an attacker who knows a […]

Many businesses have implemented a Bring Your Own Device (BYOD), allowing employees to use personal laptops, tablets and smartphones to access company data and resources. Some businesses have gone further and implemented a Bring Your Own Application (BYOA) policy too, allowing employees to use their own applications. And now there’s Wear Your Own Device. WYOD […]