Cyber security is quickly becoming a vital topic of which every business and employee needs to be aware. From phishing emails to identity theft, it can happen to any business at any time. However, cyber security buzzwords can be confusing, especially if you don’t understand the different terms used. To give you a head start in becoming more cyber safe, we have listed below the most common cyber security keywords and their definitions, helping you and your business gain a deeper understanding.

Common cyber security terms

Cyber security refers to the processes and methods of defending your network and devices from data breaches and other cyber attacks.

Here are some common cyber security terms used that you should familiarise yourself with:

  1. Bad actor. A hacker, hacktivist, foreign intelligence, employee (current or ex), industrial competitor, or cyber criminal who has bad intent.
  2. Feature. This is an intended function or item of functionality that can be misused by an attacker to breach a system. Features may improve the user’s experience, help diagnose problems or improve management but can also be used by an attacker.
  3. Perimeter. The exposed elements of your network, computers, software, and systems.
  4. Attack surface. This includes the perimeter as well as real-world targets such as your offices, users, and users’ home devices. Any area that can have pressure or be attacked.
  5. Vector. The attack vector is the method of delivery or route taken to exploit a vulnerability and hit the attack surface. Typically resulting in a breach and access within the perimeter.
  6. Dwell time. This is the amount of time a breach goes unnoticed within the perimeter. In 2019 in EMEA this was 54 days, imagine the damage that could be done within that time frame.

Computer infected by a virus

Common cyber threats

There is a wide range of ways a bad actor could obtain your confidential data. Below we list some of the most common methods that you need to be aware of:

  1. Breach. The successful intrusion within your perimeter by an actor.
  2. Phishing. Involves sending a large group of people urgent emails that pressure them for sensitive information or access.
  3. Ransomware. A type of malware where the attacker encrypts or locks away sensitive data and threatens to deny access or publish it until a fee is paid.
  4. Spear Phishing. Is sending emails to targeted individuals that could contain an attachment with malicious software or a link that downloads malicious software.
  5. DDOS. Distributed denial of service attacks involves flooding servers or internet-connected devices with information to overwhelm them.
  6. Flaw. An unintended vulnerability. These can be the result of implementation and can go undetected for a prolonged period and are often difficult to remedy.
  7. Water holing. Typically a fake website or compromised legitimate website is used to exploit visiting users.
  8. Supply Subversion. Attacking equipment or software during manufacture or delivery.
  9. Bot Net. Networks of unwittingly hacked computer devices are used for all types of attacks like DDOS (Distributed Denial of Service).
  10. Scanning. Methodically attacking wide swathes of the internet at random.
  11. Vulnerability. The flaw, feature, or item is exploited to achieve the bad actor’s goal(s).

A business laptop that is secured from cyber attacks

Cyber security tactics to get you started

To help navigate the growing cyber threat surface you need to understand the different ways that you can secure your business.

  1. Employee and User. A computer or system that has been carefully designed to minimise the vulnerabilities of cyber attacks. Unfortunately, these security efforts can be easily undone. Users are a significant source of vulnerabilities, they make mistakes like using easy-to-guess passwords, leaving their device unattended, and exploiteor be pressured into divulging information, installing software, or taking other bad actions.
  2. Endpoint Security. Protects entry points of end-user devices such as laptops, mobile phones, or desktops, from being breached and exploited by a bad actor.
  3. Password Management. A set of rules and processes that need to be followed to manage and store passwords securely and prevent a data breach.
  4. Dark Net Monitoring. The processes of checking and making sure that no personal or confidential information is accessible online or is sold on the dark web.
  5. Data Backup. A copy of your files and important information is stored in a secondary location in case of equipment failure or corruption.
  6. Firewall. A security system that monitors all incoming and outgoing network traffic and can filter it.
  7. Intrusion Prevention. Source and implement the right software for your business, to detect and protect against unwanted intrusions. Preventing possible cyber attacks.
  8. Proactive Threat Hunting. A fundamental cyber security practice. A Process of searching through your network detecting any suspicious activity and responding to cyber threats.

Did you find these cyber security terms helpful?

The keywords we listed above will ensure that you are in the know about the cyber dangers your business faces each day. Unfortunately, the list of cyber security threats is forever growing. But, being aware and having a clear understanding of cyber terminology is the first step in ensuring that you and your business are up to speed on security.

There is no one size fits all strategy in keeping your business safe. Each one is unique in the way it operates and functions. Without a bespoke solution, you run the risk of data theft, downtime, or even damage to your reputation, but we can remove that headache for you.

Our team of experts will provide you with tailored security solutions that will give you peace of mind. Consult with us today and find out how we can support your business with managed cyber security services that align with your distinctive business needs.

As technology evolves the percentage of time we spend online is rapidly increasing- and that goes for our children too.  Research by children’s technology firm SuperAwesome found that screen time went up by over 50% during the pandemic. Of course, some of this can be attributed to remote learning, but the remainder represents the general trend of the global population spending increasing amounts of time using the internet.

When it comes to children’s screen time, the main offenders in the streaming world are Netflix and YouTube (according to the same research), and in the gaming sphere, Roblox. Social media apps such as Snapchat, Instagram and TikTok are also incredibly popular, with many older children using these to stay connected with friends.

How can you be sure your child is safe online?

It’s impossible to monitor browsing 24/7 — particularly for older children and teenagers. But there’s some advice you can share with them, as well as some practical actions you can take to make their browsing safer.

Remind your child to never:

Finally, remind your child that if they’re in ANY doubt, always check with an adult.

It’s a good idea to have a chat about internet safety in general, explaining that people can be anyone they want to be online, and that ‘stranger danger’ exists on the internet too. Reiterate that if they’re talking to someone online who is making them feel uncomfortable, they can end the conversation, or ask an adult for help. This is particularly important for online games like Roblox, where users can ‘friend’ and chat with other users.

It’s also a good idea to warn against posting photos of themselves online and having the privacy settings on their accounts set so they’re not publicly viewable. It’s a difficult line to walk as a parent, particularly with older children, tweens and teenagers who may feel pressured by their peers to have various social media accounts.

Croft Heart Tech Appeal child working on laptop

Practical internet safety tips

It has become the norm for children to have laptops, smart devices and other smart devices before even reaching secondary school. As a parent you’re in an awkward position between looking out for their safety and not wanting to differentiate them from their friends.

One of the best ways to increase safety for your child online is installing a quality router with a filter. Examples include Circle or Google Wi-Fi. You can also set parental controls on a number of apps and browsers. The filter is hardware based, and something that Croft can provide.

After installing this hardware, you can monitor browsing activity 24/7, with the benefit of constant reporting and filters across devices. If your child is using a mobile device remember to leave the age filter in place and consider setting up either Apple Screen Time or Google Family Link. Both of these will allow you to manage the device and control what it can access.

Talking to your child about internet safety is important, but as a parent you need to put the effort in too.

If possible, restrict your child’s internet use to a device in a family room, so you’re aware of what they’re doing online. Again, this may be more difficult with older children who want their privacy and independence!

Google’s Be Internet Legends scheme is a fantastic initiative for parents and children, helping children to become internet savvy in a safe and confident way, through online games, downloadable resources for teaching internet safety, and more.

Finally, a word about cyberbullying. If you suspect your child is a victim of cyberbullying or ‘trolling’ online, it’s important to step in and act as soon as possible. This is as serious as any other form of bullying — sometimes worse as the victim can’t get away from the abuse, and it can have a devastating impact.

We’re spending more time than ever online, both for work and for recreation. As such, it’s more important than ever to be aware of the issues of data harvesting and how your personal data is being used online.

The biggest problem with data harvesting is that a small group of companies entirely dominate the industry. Users are utterly unaware (or utterly uncaring) of the risks of being exposed to the curated version of the internet that these data-rich big tech companies promote.

Your personal data’s journey

So, what do you understand by the term ‘personal data’? You might think of data as addresses and contact numbers, banking details, health records, and so on. This is correct, and data like this makes up the most sensitive information stored online.

However, it goes further. Your personal activity also counts as data. Think browsing activity, social media posts, location data, search-engine queries, even what you ask your Alexa or Google Assistant. This reveals a lot about you and is usually monetised in ways that personal details are not.

There are other kinds of data collection that you might not even know about. For example, did you realise that some companies analyse the way you type or use your smart device? Biometric data like facial recognition is also used to collect information, something that Facebook and Instagram were both in hot water over last year.

Sometimes data is given willingly by users, but too often people don’t understand the specifics of what is being given up when they tick a consent box. The finer details are part of a hard-to-read service agreement that’s often overlooked.

Many apps use your location to target you with custom advertisements, but they don’t make it clear that your data might then be sold to a third-party so they can analyse the local shops or businesses you visit.

You’ll be aware to an extent that you’re being tracked. After all, the same advertisement following you from web page to web page is a bit of a giveaway. But few people realise companies aren’t just analysing clicks, but also the exact movements of a user’s mouse.

The adage ‘nothing in life is free’ is a good one to bear in mind here. The way companies see it, you’re receiving something in return for your data being monetised, by getting to use their app or services (Facebook, Instagram, Google Maps, etc) for free. You’re essentially paying for the use with your personal data, which is then used to target you with ads, in an ongoing cycle.

The engagement issue

A huge issue in data harvesting is the way it can influence the way you behave online in social spaces too. A prime example is the curation of your social media algorithms, showing you a systematised feed.

This leads to users being stuck in a virtual ‘echo chamber’ that manipulates thinking and social interaction, promoting polarisation and radicalisation on certain topics.

Although it’s not a new problem online we’ve seen many examples of the damage this can do during the pandemic and the social and political upheaval of the past year.

Engagement is far and away the highest risk issue online today. Again, this is something that most people are blissfully unaware of.

Data gathering for security

In some cases, data gathering for behavioural insight is required for security. This leads to an issue where a careful balance needs to be struck, and extreme care needs to be taken over the safeguarding of data collected for this purpose.

A prime example is in the hospitality and leisure industries, with establishments collecting, storing and sharing (if required) customer data for use in ‘track and trace’ during the pandemic.

We fully believe that as an individual you have the right to decide how your personal data is shared, to retain control over said personal data, and to be confident that it’s being used ethically.

Organisations and institutions have the responsibility to ensure that they’re using the correct methods for handling, storing, processing and sharing personal data, and doing this in a way that’s compliant with regulations.

We’re here to help

At Croft, we’re committed to ‘doing it with care’. For us this means doing the right thing, because it matters — and we care about why it matters. When it comes to the privacy and security of our clients, we treat this with the highest priority, because it’s part of our mission to care for our customers, care for our company, and consider the impact of our actions.

We’re honoured to have the privacy and trust of our clients. If we sound like we could be a good fit to help with your business communications and technology, then please get in touch!

Contact the experts at Croft on 01920 466 466.

Croft are delighted to be joining forces with leading communications provider, P2C Communications.

P2C Communications are dedicated to providing customers with a white glove service, building an exceptional reputation for customer care alongside innovative and cost-effective telecommunication solutions. With a shared passion for service, together we will be able to offer customers a full range of communications solutions – from business phones, hosted telephony and connectivity, right through to managed IT provisions and cyber support.

We are excited to be joining Croft and the additional capabilities this merger offers us, while being able to maintain our high levels of customer service.  We will now be able to offer bespoke mobile phone services on all of the major networks with options for flexible handset purchasing & leasing, plus dedicated account management to support internal teams.”- Trina Dixon, Customer Service Director at P2C Communications

We look forward to welcoming Trina, Pete and team to the Croft family, expanding our presence across the UK with the retention of their Surrey based office.

Be the first to hear our latest news!

Keep up with all the updates from Croft by following us on social media:

As club sponsors, at Croft Communications, we are delighted to be supporting Berkhamsted Raiders CFC, helping them raise additional funds via our Grassroots Initiative. 

How it works- 2 simple steps

  1. Redirect your existing business communications spend to Croft’s cutting-edge telecoms and IT support services, increasing business efficiency, productivity and profitability.
  2. Croft then immediately inject a % of the cash you spend back into the club!

This could add up to a sizeable donation in the hundreds – or even thousands, every year. An enormous impact on Berkhamsted Raiders fundraising efforts.

Football-coaches-wearing-jackets-featuring-croft-logo

No effort or hassle – Croft take care of everything

Where do I sign?

For more information on how you can get involved visit The Grassroots Initiative and fill in our online form OR contact Cassie Peasnell, Croft’s Marketing Manager, at [email protected] / 01920 466466

The world of cyber and IT can be a complex place and often confusing for businesses trying to manage the best systems and procedures to put in place.

Following on from our Cyber Essential series, our next set of webinars look at how you can get more from the systems you already use. Each power half-hour, will give you the tools and information you need to increase your team’s productivity and start using your programs like a pro.

Texts, tasks and tracks with Excel superpowers

Thursday 5th May- 10am- 10:30am.

Monday 9th May- 1pm-1:30pm.

Excel is much more than spreadsheets and data. In this 30-minute session we will give you the tools and knowledge to automate texts, create tasks and track all within Excel!

Microsoft 365: The apps you didn’t know you had!

Wednesday 1st June- 10am-10:30am.

Tuesday 7th June- 1pm-1:30pm.

Did you know you have 100’s of apps available to you via Microsoft 365?  We’ll go through the top apps available to you, how to add them to your set up, and how to make the system work harder and more effectively for you.

Spaces are limited so please register today, by clicking on the links next to your preferred dates.  Joining details will be sent direct from Microsoft Teams.

Missed our Cyber Essentials sessions? Watch now on our YouTube channel.

Croft are delighted to announce that we have joined forces with Wardman UK, specialists in cyber resilience, security, and ICT services.

Formed in 2009, Wardman UK provide customers complete peace of mind by offering expert support and protection across all IT, telecoms, and software platforms. Building an exceptional reputation for first class customer service, Charles Wardman and the team will be joining Croft as part of the merger and rolling out our Cyber and Managed Service platform to our 4,000 clients.

“I’m excited to be joining Croft and the benefits this merger brings. By combining our skills and services we will be able to provide a more comprehensive offering to all our customers, while maintaining high levels of support and care.” Charles Wardman, Director of Cyber & Managed Service Provision

As part of our continued expansion in ICT products and services, this partnership increases our technological and cyber skills, enabling us to offer a greater range of best-in-class services to our customers. With their extensive experience and knowledge in cyber essentials, and cyber incident response, we are delighted to be welcoming Charles, Mark and Christopher to the Croft team.” Mark Bramley, Croft CEO

Watch this space!

For webinars, introductions and cyber opportunities and exciting new services and products. Keep up with all the updates from Croft by following us on social media: