month

now browsing by tag

 
 

#cyberfraud | #cybercriminals | Cyber Security Month: How clean is your Contact Centre?

Source: National Cyber Security – Produced By Gregory Evans

Cyber Security Month: How clean is your contact centre? – Cyber Security Month aims to teach ‘cyber hygiene’ tips to consumers— but companies need to scrub up too, because contact centres can have dark corners where fraud festers.

One of the big themes of this year’s European Cyber Security Month is cyber hygiene — and how consumers can follow the kinds of daily routines, checks and behaviour that will help them to stay safe online.

The campaign offers security tips and advice to the public which ranges from using a firewall and not leaving your laptop unattended, to remembering to use a password on your phone and never opening email attachments from unknown sources.

It’s simple, sensible stuff. But consumers’ diligent personal care could be undermined — if the organisations they trust become breeding grounds for security problems themselves, especially around card payments.

During Cyber Security Month, Eckoh’s big question for companies is: How clean is your contact centre?

To find out, here are three ‘sniff tests’ for organisations:

Test #1: Are you still asking customers to read out card details over the phone?

In theory, there’s nothing wrong with this — but it’s risky if contact centre agents can hear the card numbers, see them on the screen, or be able to access them from call recordings.

Card Not Present (CNP) fraud is predicted to reach £680m in 2021[1]. All it takes is a rogue agent copying a person’s card details or doing this on a large scale and selling numbers to criminals.

Alternatively, digital card records could be hacked or even shared accidentally by clumsy employees.

The average UK company uses three different solutions to handle call payments. But they’re often fraught with risks and awkwardness. Pause-and-resume methods are prone to errors and feel disjointed, as agents dip in and out of conversations.

It’s also a poor customer experience if calls are transferred to another department for the ‘payment bit’. Rigorous agent vetting and the setting up of clean rooms, where pencils and mobile phones are banned, can help to raise security levels. But there’s always the risk of a lapse and a few bad apples.

Increasingly, consumers understand the sensitivity of their data and feel uncomfortable handing it over to strangers. In fact, 68% of consumers believe that reading their card details out over the telephone is not secure[2]. Customers need a payment system that gives them absolute reassurance.

Test #2: Can you handle every kind of payment securely?

The way consumers prefer to interact with organisations ranges from the web, phone calls and mobile apps, through to email, web chat, social media and more. In fact, some customers will flit effortlessly between these channels and expect organisations to keep up.

Increasingly, they’ll also expect to pay for items via whichever channel they happen to be using at any time.

What’s more, they may want to pay for items in a host of different ways. It’s worth noting that over half of all online transactions will be made using alternative payment methods by 2021, according to Worldpay.

This explosion in contact channels and payment services creates enormous pressures on contact centres. When it comes to card security, the ‘attack surface’ within contact centres is stretched more and more.

Companies can’t say ‘No’ to customer demands — or say ‘Yes’ to taking risks. They can’t afford to be able to handle some payments securely but take a chance with others. Criminals will hunt out any weak links, so it’s important that security is rock solid on every channel.

Test #3: Are you putting too much faith in PCI DSS compliance?

This sounds a bit like a trick question. Every company that accepts, processes, stores or transmits credit card information must achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS) which puts you on the right track for processing card payments securely and reducing card fraud.

But PCI DSS is only a standard, it’s not a guarantee. Even if your contact centre achieved PCI DSS compliance a few weeks ago, you can’t be sure your security is watertight today. You’re still at serious risk of a data breach if there’s any lapse in security — an uncomfortable truth that can keep executives awake at night.

And it can happen all too easily. In fact, 90 percent of data breaches are caused by human error. What’s more, while compliance addresses some aspects of data protection it does not guarantee a secure contact centre.

So what’s the best way forward?

Cyber Security Month is a great way to educate consumers about staying safe. But more companies need to get serious about securing sensitive data, especially people’s card details.
A security breach can have devastating consequences. Even for small companies, the average cost of a cyber breach can be £267,000, so it’s no wonder that 87% of companies view cyber liability as one of their top 10 business risks.

Faced with growing threats and more data to defend, companies are increasingly looking to trusted payment partners to give them PCI DSS compliance and maintain it for them — by actually managing secure payments on their behalf.

With the right approach, contact centres can take payments over the phone, web and other channels, but sensitive card information is never heard, seen or recorded by their staff. Any sensitive data is simply passed seamlessly to their payment partner who authorises the transaction, without card details ever entering the contact centre’s environment.


Additional Information

Companies can discover more about contact centre security by downloading a free copy of the CNP guide from Eckoh.

It profiles fraudsters’ range of tactics — and the defence measures that organisations can take to stop them. Click Here to Download

Eckoh is a global provider of secure payment products and customer contact solutions, supporting an international client base from its offices in the UK and US.

Our secure payments products, which include the patented CallGuard, can be hosted in the cloud or deployed on the client’s site and remove sensitive personal and payment data from contact centres and IT environments. The products offer merchants a simple and effective way to reduce the risk of fraud, secure sensitive data and become compliant with the Payment Card Industry Data Security Standards (“PCI DSS”) and wider data security regulations.

Eckoh has been a PCI DSS Level One accredited Service Provider since 2010, processing over £1.5 billion in card payments annually.

Eckoh’s customer contact solutions enable inquiries and transactions to be performed on whatever device the customer chooses, allowing organizations to increase efficiency, lower operational costs and provide a true Omni-Channel experience. We also assist organisations in transforming the way that they engage with their customers by providing support and transition services as they implement our innovative customer contact solutions.

Our large portfolio of clients come from a broad range of vertical markets and includes government departments, telecoms, retailers, utilities, travel, transport, hospitality and financial services organisations.

For additional information on Eckoh visit their Website or view their Company Profile

Source link

The post #cyberfraud | #cybercriminals | Cyber Security Month: How clean is your Contact Centre? appeared first on National Cyber Security.

View full post on National Cyber Security

Stay safe this National Cyber Security Awareness Month

Source: National Cyber Security – Produced By Gregory Evans

October marks National Cyber Security Awareness Month, a time that acts as a valuable reminder for organisations to evaluate their cybersecurity. In this year alone, 55 per cent of UK businesses have been targeted by cybercrime, which is up by 15 per cent on last year. There has never been a better time to address cybersecurity and bring awareness to the forefront of people’s minds.

Taking this opportunity to highlight key concerns, eight IT experts have weighed in to explain the risks of cybercrime and how best to improve cybersecurity.

Employee awareness

In this day and age, a cyberattack is, unfortunately, more of an inevitability than just a mere threat. So, businesses need to accept the fact that mitigation technology is a necessity.

Steve Nice, Chief Security Technologist at Node4, continued, “This Cyber Security Month, it’s important for organisations to recognise how to strengthen their security to prevent potentially devastating attacks from harming them. It’s the responsibility of the IT team to ensure that the business’ security is up to speed, and so a Vulnerability Testing programme can help the team understand where the weaknesses are and support these areas. This means that valuable time – and money – can be saved from being spent on unnecessary security infrastructures before knowing where the holes in the defence really lie.”

“However, it’s not just the technology that needs to be supported. Regardless of how many layers of protection IT teams implement, the weakest link is the people involved. Managing this is essential in any cybersecurity strategy, so it’s vital to ensure that all employees are fully up-to-date with the latest security protocols and processes in the company. This is a key part of cybersecurity, and even more so because the human element is the hardest to control and measure effectively.”

As Avi Raichel, CIO at Zerto agreed, “Cyberthreats such as ransomware can be a huge threat to businesses, and even just a single employee clicking a malicious link in their emails will mean a ransom must be paid for all business data encrypted. Cybercriminals often exploit vulnerabilities in employee emails, so it is crucial to have the right cyberdefences in place to avoid a disaster where customer data, and a lot of money, could be at risk.”

“Having an extensive tiered security model and instilling a strong cybersecurity-aware culture across all employees will help minimise risk. But, the attack itself is only half of the problem because, without sufficient recovery tools, the resulting outage will cause loss of data and money, as well as reputational harm.       

Paradigm shift

Paul Rose, CISO at Six Degrees, suggested that it is time for a paradigm shift in the way we view cybersecurity.

He continued, “The threats are known, documented and evidenced. But the fact remains that even mentioning the word ‘cybersecurity’ in the boardroom can elicit eye rolls, shuffling in seats and muttered excuses to leave.

This year’s National Cybersecurity Awareness Month is all about each and every one of us doing our part to make sure that our online lives are kept safe and secure. Effective cybersecurity requires continual top-down engagement throughout the organisation, and that starts in the boardroom. Cybersecurity needs to be put on the executive agenda; it should be placed in the context of the continuing success of the organisation in terms of the impact of any breach.”

Sascha Giese, Head Geek at SolarWinds supports this point, and stated, “With every passing year, the public sector is becoming increasingly aware of the onslaught of cyberattacks it faces, with an increase in the number of organisations reporting over 1,000 cyberattacks in 2018 compared to 2017, as revealed this year through a SolarWinds FOI request. Public sector IT professionals are working every day to ensure the data their department holds is kept secure. While tools and technology are of course the most solid defence against security threats, public sector IT pros should also consider the following three steps to achieving a stronger security posture: leadership setting the right example; regular and effective training for all teams; and ensuring security policies are revised frequently to keep up with the latest threats.

“U.K. government IT professionals are trusted with data by citizens, and so to give them confidence this information is being kept safe, organisations in this sector must adhere to strict security policies. And, to keep on top of security, having initiatives supported by everyone – not just the IT team – are the crucial part of the puzzle.”

Security processes

Hubert da Costa, Senior Vice President at Cybera identifies the importance of embedded security in modern businesses. “The adoption of mobility, big data, social media, cloud and the Internet of Things is extending traditional enterprise perimeters, making them complex and difficult to secure,” he said.

“Far too often, application security is an afterthought if it is addressed at all. The solution is to embed security directly into the fabric of the network, striking a balance between user experience, security, and affordability. This approach combines defence-in-depth, micro-segmentation and continuous network monitoring.”

John Ford, CISO at ConnectWise added to this discussion, stating, “The simplest thing SMBs can do to protect themselves from cyberthreats is to enable multifactor authentication. Essentially, that means having more than just a password. Most people use it all the time and never even think about it. For instance, when logging into your bank account from something other than your primary computer, and the bank sends a text message to your phone with a code. You enter the code and you’re in. That’s all multifactor authentication is. In cybersecurity, we call it “something you have and something you know.”

While there are all kinds of complex products and technologies companies use to protect themselves – many of them excellent – the fact is, most ransomware attacks can be prevented by this easy-to-deploy process. Yet, multifactor authentication has only recently become widely adopted, despite having been around close to 20 years.”

Additionally, Stephen Gailey, Head of Solutions Architecture at Exabeam, commented, “Almost all of the huge breaches we read about in the news involve attackers leveraging stolen user credentials to gain access to sensitive corporate data.  This presents a significant problem for security teams.  After all, an attacker with valid credentials looks just like a regular user.  Identifying changes in the behaviour of these credentials is the key to successfully uncovering an attack.  But in an age of alert overload, security teams are often overwhelmed and can struggle to make sense of the data in front of them.

Applying User and Entity Behaviour Analytics (UEBA) to the data already collected within most organisations can help security teams connect the dots and provide a useful profile of network user activity.  By connecting the dots and creating a map of a user’s activities, even when the identity components are not explicitly linked, security teams can create baselines of normal behaviour for every user on the network.  This makes it easier to identify when a user’s activity requires further investigation.  It may not stop you being breached, but it will tell you about it before the damage is done.”

Filling the breach

Matthew Buskell, Area Vice President at Skillsoft lent his insight regarding the skills gap within cybersecurity.

“Cybersecurity is one of the most diverse and thrilling fields, open to anyone with an inquisitive, analytical or determined mind. Perhaps paradoxically, it is also facing a significant talent shortage. Research by (ISC)² estimates that almost three million cybersecurity positions remain unfilled. With organisations crying out for new cybersecurity professionals, how can you make the leap?”

“A career in cybersecurity is no longer as elusive as it once was. The path to cybersecurity success is about learning and – crucially – demonstrating drive and passion.

“For anyone with an IT background, there are plenty of training options to support a transition into a cybersecurity role. However, for those currently in non-technical positions, mid-ladder career changes are becoming easier than ever. Indeed, much of the training needed is available online. If you’re thinking about a move into the industry, Cybersecurity Awareness Month might be the perfect time to kick-start your career change.”

With the constantly evolving threat of cybercrime, Cyber Security Awareness Month provides the opportunity for organisations to take stock of the security systems they have in place, the training provided and the importance placed on countering these ever-changing threats.

IT Experts

Source link

The post Stay safe this National Cyber Security Awareness Month appeared first on National Cyber Security.

View full post on National Cyber Security

October is #National #Cybersecurity #Awareness Month

Source: National Cyber Security – Produced By Gregory Evans

Malware. Ransomware. Data breaches and hack attacks. These may have all been foreign terms just a year ago, but not anymore. Consumers are much more aware of digital threats, thanks in large part to that massive attack on the credit reporting bureau Equifax.

Millions of Americans had their data compromised in that attack. While many took steps to protect themselves, we know a lot of consumers simply ignored the threat altogether.

Are you guilty of procrastinating when it comes to your digital defenses? Don’t worry, now is your chance to act. October is National Cybersecurity Awareness Month. Over the next several weeks, Better Business Bureau Northwest + Pacific will offer you tips and advice to protect yourself, your family, your business and your community.

First things first, follow these steps to protect your personal information:

Keep a clean machine: Ensure all software on internet-connected devices – including PCs, smartphones and tablets – is up to date to reduce risk of infection from malware.

Lock down your login: Your usernames and passwords are not enough for the personal data protection of email, banking and social media. Begin your spring cleaning by fortifying your online accounts and enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.

Declutter your mobile life: Most of us have apps we no longer use and some that need updating. Delete unused apps and keep others current, including the operating system on your mobile device. An added benefit of deleting unused apps is more storage space and longer battery life. Actively manage your location services, Bluetooth, microphone and camera – making sure apps use them appropriately.

Do a digital file purge: Perform a good, thorough review of your online files. Tend to your digital records, PCs and phones and any device with storage just as you do for paper files. Start removing digital clutter by doing the following:

Clean up your email: Save only those emails you really need, and unsubscribe to email you no longer need/want to receive.

Back it up: Copy important data to a secure cloud site or another computer or drive where it can be safely stored. Password protect backup drives. Make sure to back up your files before getting rid of a device, too.

Stay tuned. Next week we will discuss tips to help protect your business and work information.

For cybersecurity tips, other scams and the latest alerts, download the BBB App at bbbapp.org. Anyone who feels they may be a victim of a cybercrime should report it to local law enforcement and BBB Scam Tracker at bbb.org/scamtracker.

Stephen Mayer is marketplace manager of the Better Business Bureau, serving the Snake River Region from Ontario to Jackson, Wyoming. For more information, visit bbb.org or call (800) 218-1001.

Source: https://www.argusobserver.com/business/october-is-national-cybersecurity-awareness-month/article_ad90f79a-c453-11e8-8f66-93d95f51fefb.html

The post October is #National #Cybersecurity #Awareness Month appeared first on National Cyber Security .

View full post on National Cyber Security

Five cool things happening for National Cyber Security Awareness Month

Source: National Cyber Security – Produced By Gregory Evans

National Cyber Security Awareness Month (NCSAM) is in full swing. The month and its events have become top of mind for people and businesses in recent years, given the staggering number of recent data breaches and global ransomware attacks. The Equifax data breach, WannaCry ransomware and Petya/NotPetya attacks have dominated the news headlines. So, where…

The post Five cool things happening for National Cyber Security Awareness Month appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

During Cybersecurity Awareness Month, Experts Say Too Many Remain Unaware of Threats

Source: National Cyber Security – Produced By Gregory Evans

After an onslaught of hacking, breaches and malware this year, and the resultant waves of publicity, National Cybersecurity Awareness Month should be a bit anticlimactic. But for some people, the message never gets old. One of the organizations most aware of cyberthreats and most active in countering them is CIS,…

The post During Cybersecurity Awareness Month, Experts Say Too Many Remain Unaware of Threats appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Three month old died parents shook him to death

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ A baby boy died from severe brain damage after he was shook by his parents, a court heard. Ah’Kiell Walker, from Gloucester, was discovered freezing cold and soaking wet, with his …

The post Three month old died parents shook him to death appeared first on Become007.com.

View full post on Become007.com

The cruel irony of Autism Awareness Month: There’s still much to learn about autistic people

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ There is a cruel irony to John Benjamin Haygood’s being arrested during Autism Awareness Month. Video has gone viral of Haygood, a 10-year-old boy who is on the autism spectrum, being …

The post The cruel irony of Autism Awareness Month: There’s still much to learn about autistic people appeared first on Become007.com.

View full post on Become007.com

6 Changes To Make In Your Dating Life During App-less April, A Month Without Dating Apps

Whether dating apps are causing a “dating apocalypse” or are merely the easiest way to get a date, there’s no denying these tools have been total gamechangers in the dating scene within the last few years. And even though dating apps are most popular among millennials, according to a recent Bustle survey with dating app Happn of over 1,000 dating app users, 78 percent of women and 85 percent of men still want to meet people IRL. Read More….

The post 6 Changes To Make In Your Dating Life During App-less April, A Month Without Dating Apps appeared first on Dating Scams 101.

View full post on Dating Scams 101

Joint Effort To Promote National Child Abuse Awareness Month

April is National Child Abuse Awareness Month and the Children’s Safety Center of Washington County & the Children’s Advocacy Center of Benton County is teaming up to enhance the message on this initiative.

Residents can join the fight against child abuse with the Children’s Advocacy Center of Benton County by participating in Pinwheels for Prevention. This event is held annually, all across the nation during the month of April, which is Child Abuse Prevention month. This nationally recognized event acknowledges the importance of communities working together to prevent child physical and sexual abuse.

Banners and pinwheels are placed outside of businesses and homes all across America during the month of April to raise awareness of the abuse that is happening and the advocacy centers that are here to help.

Read More

The post Joint Effort To Promote National Child Abuse Awareness Month appeared first on Parent Security Online.

View full post on Parent Security Online

Fraud Prevention Month: Police provide tips to avoid being scammed

March is Fraud Prevention Month, and also, the beginning of tax season. Waterloo Regional Police’s fraud branch says the majority of fraud reports they’re receiving lately, are from residents claiming they’ve been contacted by the Canada Revenue Agency, and asked to pay a fine. “Never give out personal information about yourself, your bank, your credit history, your birth date, your social insurance number, so private information should never be released,” says Staff Sergeant Alison Bevington. The Canada Revenue Agency and other businesses will not ask for detailed personal information over the phone or e-mail. Read More….

The post Fraud Prevention Month: Police provide tips to avoid being scammed appeared first on Dating Scams 101.

View full post on Dating Scams 101