Cyberburst content, what is covered?
We have a dedicated content team here at Cyberburst that have written the cyber awareness training campaign. Here are the content topics included. You’ll see that whatever your needs are, we’ve got you covered!
Keeping hardware and devices secure
Keeping devices safe and secure minimises the risk of someone gaining access to steal data or install malware.
Cyber indifference
Cyber indifference is when you stop trying, and cyber security becomes unimportant, becomes perceived as unattainable, and stops being a part of everyday life for an individual.
Common elements of cyber-indifference include:
- The idea that achieving a strong cybersecurity posture is prohibitively expensive.
- Cybersecurity is far too complex for the average person to operate.
- Ideas about cyber adversaries being too powerful or impossible to ward off.
- Feelings of hopelessness or helplessness insofar as preserving or cultivating cybersecurity.
- Perceptions that the individual has nothing of value and that there would be no consequence of significance to arise if they were the victim of a cyber attack.
In 2022-2023 over 90% of extortion-related cyber security incidents involved ransomware.
Source: ASD Cyber Threat Report 2022-2023
Malware
Ransomware is a type of extortion that uses malware for data or system encryption. Cybercriminals gain unauthorised access to a system or data, and then encrypt it and request payment for decryption keys. Ransomware-as-a-Service is a business model available to cybercriminals.
Ransomware is the most destructive cybercrime. It’s a small percentage of cybercrime yet has a disproportionally high dual impact – business is disrupted by the encryption of data and reputational damage if stolen data is released or sold. It can take months for a business to recover. During this time business operations can be restricted or cease completely because the business has lost access to its own systems/network.
Password Safety
Passwords should be strong, unique, memorable and accessible e.g., via a password manager.
Physical security
‘Physical security’ refers to security measures and practices implemented to protect physical assets from damage, theft and unauthorised access e.g., access controls, perimeter security, alarms and alerts.
Phishing and social engineering
Social engineering is how cybercriminals manipulate a person to gain unauthorised access to systems or data. Phishing is the practice of using deception to trick and coerce victims into disclosing information.
Phishing relies on manipulating the victim into providing information that, typically, is used by the attacker to gain access to a victim’s account or service. Detecting and avoiding phishing attacks is easily among the top 5 most essential cyber skills for anyone.
Spear phishing is a more sophisticated phishing attack, usually targeting specific individuals or organisations. The emails or messages used are crafted to appear relevant and credible to the target. They are designed to steal sensitive information like login or bank account details or trick the target into initiating a fraudulent transaction.
Business email compromise is a form of email fraud. Cybercriminals try to trick employees into revealing important business information, often by impersonating trusted senders. They may also gain access to a business email address and then send out spear phishing emails to clients and customers for information and payment.
Systems, networks and policies
An effective cybersecurity approach enables a business to be as secure as possible without disrupting business-as-usual activities. It involves systems, networks and policies working together.
We know cyber.
Our quizzes use real world examples, written in collaboration with cyber security expert, Dr Patrick Scolyer-Gray. We know a bit about creating kick ass bite-sized content – in text, image and short-video form. Oh, and it’s also humorous. More LOL = more learn!