Treat or Trick

Halloween is coming and the tradition is once annually.  It is a children's custom of calling at houses at Halloween with the threat of pranks if they are not given a small gift. In cyber world, this happens every now and then.  You get an email saying you are being selected for award (free air ticket, free miles, lottery, an estate etc.) but you need to register or pay admin fee to claim.  If you trust such too good to be true, you are phished leading to various consequence ranging Leakage of you PII (Personal Identifiable Information) Leakage of access credential of email, ebanking or any registered web portal Financial loss Collateral damage to those you know as using your identity will increase the trust level at the 2nd degree phishing attack against your friends Criminal act as activities are executed under your identity Therefore, it's treat AND trick in cyber world.  Strengthening human awareness cannot be overlooked....
Read More

Assumption #2 (2nd topic)

No matter individual or enterprise, there are information stored in the cloud. The pre-requisite to use cloud is the communication line from your end point to the hosting location. Most rely the as-built cyber protections like TLS, 2-step authentication offered by the provider. No doubt, these are deemed secure. But if your information is of high value, you need to consider the appropriate level of extra layers, e.g. single tenancy, dedicated hosting location with physical access control,  further end-to-end communication encryption, database level encryption or tokenization, periodic security assessment, regular situation awareness to keep your people from being victim of spear phishing attack. All these don't mean 100% security but to demonstrate your due diligence to secure your data....
Read More