People are the weakest link
This sounds like a nightmare too impossible to happen. US soldiers putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’
It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn. Even worse, their settings were on ‘public’ not ‘private’
It’s a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our new KARE for Security S2 plan helps identify use of these sites in your organisation.
US Soldiers Accidentally Leaked Nuclear Weapons Secrets: Report (gizmodo.com)
Shadow IT
Shadow IT is one of the largest threats to data privacy in organisations today.
It’s not necessarily because these sites are going to be hacked, although that’s always possible, but just because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify it! That’s why you need new tools that are cloud focused. If you’re still using the same old security tools that you used to use prior to the cloud, then you are not keeping up and we need to talk!
Who really controls your firm’s IT systems and your data?
You know who owns and leases your operational equipment, or your buildings, plant and other physical facilities. Can you say who controls your IT? How flexible is your IT supply chain to meet your partnership's ongoing needs? Given how vital IT is to your legal...
IT is more than silicon – have you ever stress tested the human side of your firm’s I.T?
Every chain relies on every link, and the stronger each link, then the stronger the chain - hence the saying about the weakest link. Your IT chain has people - we need to think about them - the IT staff, the users, and of course the management structure around them....
Are you maximising your firm’s technology investment?
When your firm last made a significant IT investment, you had a clear understanding of why you made it and the return you were seeking to achieve. You might even have had to justify it to a partners' committee and make various assurances that it was the best thing...
Are the appropriate IT Governance controls in place to protect your Firm’s Value?
In most organisations, and law firms are no exception,, IT has grown organically, meeting business needs as they arise. Those demands have come through thick and fast from almost all areas of the organisation's operations. IT has become integral to almost all...
Obligations to the firm’s Partners and Management
Are you meeting your obligations to your firm's stakeholders? Until relatively recently a law firm's management committee typically only got involved with IT when the management wanted to proceed with a major capital investment - a system refresh, new practice...
2021 Trend Reports confirms cyber-security advice
How many people DON’T report ransomware attacks? It’s too early to see the Q42021 results from CertNZ but their Q3 report tells there were 2,072 incidents that they responded to in Q3 and fraud/scam’s were up 25%. Their report confirms that the very risks we have been...
Hackers Caught! Millions Seized
Crime doesn’t always pay. The FSB reports (if you can read Russian) that they have taken down the “Revil” band of hackers. These are the people that have caused absolute havoc, from disrupting the US oil pipelines, to the Kaseya attack that took out businesses all...
Kinetics COVID Policy
Our Covid-19 approach. A number of clients and partners are asking us about our Covid-19 policy, so we thought we'd share it! Like many workplaces, we've extensively consulted our team and worked through their range of views. Our workplace requires all visitors...
5 quick tips to help you save time every day in 2022
Who knows what 2022 will bring. We’re as happy as the next person to make predictions but we’d just predict we’d be wrong! About the only certain guess is that we’ll be under more pressure and with that, it makes sense to share a few everyday IT tips. 5...
Do you need to worry about the “Log4J” Cyber Security Zero-Day breach?
Mainstream media is abuzz with the latest software vulnerability. It is in a commonly used component called Log4J 2. This component is in widespread use and the risk is real. This is a fast paced and quickly changing alert. At the time of writing, the immediate...