Data Loss Prevention
Identify and monitor sensitive data to ensure that it’s only accessed by authorized users and safeguard against data leaks.
Identify and monitor sensitive data to ensure that it’s only accessed by authorized users and safeguard against data leaks.
Data loss prevention (DLP) refers to the identification and monitoring of sensitive data to ensure that it’s only accessed by authorized users and that there are safeguards against data leaks. This can be done accidentally or by a malicious attacker (Hacker).
It’s normal to feel as though our lives exist mainly within computers now. Times of remembering passwords or phone numbers feel like distant memories, thanks to autofill and our mobile phones.
Although, what happens if we lose all of this key data? Unfortunately, it’s easy to make mistakes with our technology, whether it’s the wrong click of a button, a smashed phone or even a misplaced computer, at the end of the day we all make human mistakes.
That’s why ensuring data is encrypted, so that the memory stick you lost doesn’t fall into the wrong hands and having a backup of your data so you can access it in an emergency is a must-have, it just isn’t worth the risk.
The main threat most people tie to a breach of cyber security are criminal hackers, and that’s with good reason. In 2019 the Official Annual Cybercrime report predicted cybercriminal activity will be one of our greatest challenges over the next two decades, with new business models for this crime arising constantly.
A Malicious attacker is anyone who illegally breaks into a computer system to damage or steal information. Ensuring all of your personal and professional data is safe from potential hackers is a must-have and will only become more important in the years to come.
The term threat vector is the way in which an attacker poses a threat. This can be a particular tool that they can use against you (a vulnerability scanner, for example) or the path(s) of attack that they follow. Under that broad definition, a threat vector can be anything from a fake email that lures you into clicking a link (phishing) or an unsecured hotspot (rouge access point) and everything in between.
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network (by contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug). A wide variety of types of malware exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware. POS malware is specifically designed for point-of-sale (POS) terminals and systems with the intention of stealing payment card data. It is commonly used by cybercriminals who want to resell stolen customer data from retail stores.
Account hijacking is a process through which an individual’s email account, computer account or any other account associated with a computing device or service is stolen or hijacked by a hacker. It is a type of identity theft in which the hacker uses the stolen account information to carry out malicious or unauthorized activity.
DoS & DDoS (Denial of service & Distributed Denial of Service) are cyber attacks against networked resources like data centres, servers or websites and can limit the availability of a computer system. The attacker floods the network resource with messages which cause it to slow down or even crash, making it inaccessible to users. Potential mitigations include CDNs and proxies.
SQL stands for structured query language, a programming language used to communicate with databases. Many of the servers that store sensitive data use SQL to manage the data in their database. An SQL injection uses malicious SQL to get the server to expose information it otherwise wouldn’t. This is a huge cyber risk if the database stores customer information, credit card numbers, credentials or other personally identifiable information (PII).
Phishing is a social engineering technique where the target is contacted usually by email by someone who is posing to be a legitimate website or institution to trick them into providing sensitive data, credentials or personally identifiable information (PII). To minimize phishing, educate your staff on the importance of cybersecurity and prevent email spoofing.
Dictionary and Brute force attacks are based on trial and error. Attackers may continuously try to gain access to your organization until one attack works. This could be by attacking weak passwords or encryption, phishing emails or sending infected email attachments containing a type of malware.
Social engineering is a non-technical strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices. The success of social engineering techniques depends on attackers’ ability to manipulate victims into performing certain actions or providing confidential information. Today, social engineering is recognized as one of the greatest security threats facing organizations.
Public Wi-Fi networks can be exploited to perform man-in-the-middle attacks and intercept traffic that was supposed to go elsewhere, such as when you log into a secure system.
Ransomware is a form of extortion where data is deleted or encrypted unless a ransom is paid, such as WannaCry. Minimize the impact of ransomware attacks by keeping your systems patched and backing up important data.
There are many more types of attack and anyone of them could be devastating for you or your company.
Data Loss Prevention
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
We also use Facebook Pixel to help us understand our social traffic.
Please enable Strictly Necessary Cookies first so that we can save your preferences!