Mike Wills - page 2

Christmas is a distant memory.  Corona Virus is still around, but with hopefully an end in sight, and
Easter is just around the corner.  In the pre-Christmas issue of Gibraltar Insights, we outlined three simple steps that you can take to make you, your family, your business and Gibraltar more secure and #hardtohack.  In this issue we will introduce three more steps to continue building your cyber resilience.

While banking security continues to become more secure, as we have already discussed changing passwords breaks the chain if your personal data has been breached. So, as an additional precaution change your online banking password regularly. Yes it’s a faff. Yes, it’s easy to find something else to do. Yes, you are going to have to choose and then remember a new password. However, ask yourself this. Are you absolutely, 100% confident that your bank password is not compromised? Is there a chance that you may have used the same password for another login elsewhere? Could that service have been breached and the data compromised and made available to cyber-criminals? How concerned would you be if a criminal could access your bank account and take money from you? If your answer is, I am not 100% sure that I have not used the password elsewhere, and that they have not been breached, and/or I would be devasted if a criminal could access my bank account, then change your password!!! It should take you no more than five minutes, and by doing so will mitigate that gut wrenching, vomit inducing risk of discovering your bank account or savings have been cleared out. Invest time in your security. Be #hardtohack.

Does your Wi-Fi router have a password for you to access your Wi-Fi? I suspect so; however, what you may not know is that your Wi-Fi router also has an admin password to enable you to manage settings within your router, including the ability to change your Wi-Fi access password. While not true of all routers, often the admin password to access your router is a standard factory password. So what? Well consider it this way. How many times have you gone to access a Wi-Fi network and you have been given the option to join the network of the house or business next door? If a device can pick up a Wi-Fi network next door, this also means that a cyber-criminal could access your Wi-Fi network from outside/nearby your home or business. Most Wi-Fi providers identify themselves by their brand names in order for you to recognise and join them. This means that a cyber-criminal can identify what internet service provider you are using, Google what web address is required to access the web-based admin portal and also Google the factory standard password. Ok, but so what…? Well, if you have not changed the admin password, a cyber-criminal can gain access to your router, change the router password so you cannot access the admin area, identify all the devices on the network for further exploitation and, if they wanted to, change your Wi-Fi access password – just to be annoying. To prevent this, change your Wi-Fi router password! And make note of it! To do this find the instructions for your router and the process to login into the admin area. Alternatively do as the cyber-criminal would do and google the IP address for your router’s admin portal, and while you are at it the factory standard password.

What on Earth do you mean? What are they, and why would I? Setting Quad9 as your DNS server is a web navigation setting on your device. It protects you, your family or members of your business from inadvertently navigating to and landing on bogus sites and infecting devices with malware as a result of a mis-typed website URL. We all do this from time to time, and cyber criminals know this. They hedge their bets and replicate the site you wanted to go to on the mis-spelt domain. You land on the page knowing no difference because it looks almost identical. You then click on a menu item or link and without realising you have executed malware and/or ransomware on to your device – cue potential issues. Quad9 is run by a non-profit entity called the Global Cyber Alliance. It is founded by various law enforcement and research organizations to help reduce cyber-crime. The service warns you when you might be navigating to a commonly mistyped or spoofed sites. Google “Quad9 Set Up” or search Quad9 on YouTube for a super simple explanation about what their service provides and how to implement it on Windows or a Mac in six simple steps.

For the first 3 steps in the #HARDTOHACK series check out the December edition at www.gibraltarinsight.com or Issuu.com

Michael Wills is co-founder and chief data officer for CSS Platinum.
For further information on the company and the services it provides to Gibraltar businesses and the international yachting industry, please visit https://cssplatinum.com and/or email support@cssplatinum.com.

The fundamental need of any business is to provide service excellence to customers in order to remain in and grow their business. Without customers, a business cannot not survive. Without a solid reputation for excellence, it cannot grow. If the trust of a customer is lost, you will likely lose the customer. Furthermore, if you lose publicly the trust of the marketplace, even with deep reserves, you will struggle to attract new customers.

The sure-fire way to compromise the trust of your customers is by losing their personal or commercial data or compromising their privacy.  There are no second chances following a successful cyber-attack and data breach, and there are no warm-up opportunities.  A cyber-attack need only be successful once, with any amount of data stolen, for privacy to be compromised, trust destroyed and uncertainty in a business’ excellence to be questioned – cue exodus of customers.  While no security programme is infallible, the harder a business is to hack, the greater likelihood another business will be targeted, and a breach averted.  Be easy to hack and you will be.  It is no longer a case of if, rather when.

To retain your customers, an overwhelming degree of trust in your ability to protect their personal data and privacy is expected.  Either your data security and cyber security is robust enough or it isn’t.  The frequency and sophistication of attacks increases daily – being lucky to date, does not correlate to being lucky in the future.

What is the importance of excellence in privacy and security?

Excellence is defined as the quality of being outstanding or extremely good.  Once a customer is contracted, excellence in the acquisition of other customers does not concern them; conversely excellence in the management and security of their affairs very much does.  If asked, any customer will state that on an importance scale of 1 – 10, the value they place on their privacy and security is 10.

Yet presently, only a very small number of businesses allocate specific budgets and resource to cyber security, and often the IT department will be expected to do what they can for cyber with an already under resourced IT budget.  Conversely, businesses will allocate large sums into their marketing, business development and sales functions to continue to attract new customers.

So, with maintenance of trust and protection of personal data and privacy being at importance level 10 why do most business fail to apply the corresponding focus on customer privacy and security and choose to adopt an: “we’ll be alright mentality?”

Managing cyber security, or cyber risk management, can be a frightening prospect.  As a relatively new and technical discipline, it can be daunting for a business without internal expertise to know what to do, where to invest and understand what good looks like.  Guessing, piecemeal action and sporadic investment is not an effective approach of excellence to cyber security and will leave gaps in security and a business vulnerable.

Why you need to take a framework approach to your Cyber Risk ManagemenT.

The best approach to achieving the greatest resilience is a comprehensive approach to all cyber threats, obviously….  But what does comprehensive look like in cyber security and who decides?  A comprehensive approach involves mitigating appropriately each type of cyber threat.  To enable the component threats of cyber-attack to be easier to understand and aid management, cyber security has been broken down into individual threat areas.  The threat areas are presented as a framework that businesses can use to ensure a comprehensive approach.

There are a number of international organisations across the globe that have established best-practice frameworks for managing cyber resilience.  These frameworks have evolved over time and in response to emerging threats, market experiences, academia and industry best practice.  The United Kingdom’s National Cyber Security Centre (NCSC) 10 steps to Cyber Security is an example of such a framework.

Why Cyber Security Risk Management is an ongoing commitment.

Once is not enough!  Just as today’s cyber security framework evolved over time and in response to events, cyber threats continue to evolve every day.  The explosion of Internet of Things devices, artificial intelligence and the prospect of 5G/6G will present ever greater challenges.  Like it or not, today’s businesses stand in the middle of a cyber battlefield in a war that is unlikely to end.  Cyber risk management must become a cultural consideration for every business.  Just as one considers the health and resilience of their body to lead a full and fulfilling life, so now must businesses and individuals alike take constant consideration in their interaction with their digital landscape to ensure they remain resilient to cyber threats.

Michael Wills is co-founder and chief data officer for CSS Platinum.  

For further information on the company and the services it provides to Gibraltar businesses and the international yachting industry,
please visit https://cssplatinum.com or email support@cssplatinum.com.

Christmas is almost us upon us!  Unfortunately, at this time of year there is a heightened risk of cyber-attacks due to among other things an increase in email traffic marketing Christmas gift ideas and then post-Christmas sales.  This presents an increased risk of phishing attack.

In the last issue of Gibraltar Insights, we described one of the ways that cyber criminals target individuals and business.  In this edition, we have outlined 3 simple steps that you can take to make you, your family, your business and Gibraltar more secure and #hardtohack.

Step 1 – Password management

Change your password.  Now, right now. Please.  Yes, it’s a faff; yes, you will need to think of a new password and then remember it.  Yes, you could do it tomorrow, but you won’t.  Do it right now. NOW!

As we described in our last article, there are millions of emails and passwords for sale on the Dark Web that have been breached by companies that have not protected your personal data sufficiently.  Cyber criminals can buy this data for pence/cents and use a computer algorithm to test the email / password combination against web facing email portals – think: Hotmail, Gmail, Microsoft 365 etc – to gain access to your emails. They will look for social media accounts and online high-street accounts and then test your email password combination to gain access. From this they can gather more personal data until they may have enough to take out credit in your name or use your saved payment cards to make online purchases.

Changing your password associated with each of your email addresses is the single greatest defence you can make to protect yourself against a cyber-attack and will instantly make yourself, your family and your business safer.

Step 2 – Personal Data Breach Identification:

Next it is a good idea to understand whether your data has actually been breached so you can put in place other measures to protect yourself.  First let’s understand the problem.  To do this you can use a free service provided by haveibeenpwned.com (HIBP).  To put your mind at ease, the site is run by ethical hackers.  What is that?  Think of hackers in terms of angels and demons.  Demon hackers are criminals and naught boys and girls.  They are not on Santa’s list.  Angel hackers are those with the same skill set as demon hackers, but with decency, morals and integrity and are good boys and girls. They are on Santa’s list. Angel hackers use their skills to protect mankind.  Legends!

Anyway, enter all your email addresses one at a time into the search function.  HIBP will then tell you whether the email is associated with a breach and if so, what other data has been breached.

Oh no, you been breached. What now? Well because you have already changed your password you have broken the chain and are already safer. What we now need to understand is whether you have been entered into any spambots. Spambots as the name suggests are bots that send spam to you. Some spam is laughable, other spam is highly credible.  The problem is that if you are tired, rushing, distracted and/or hungover and unthinkingly click a link in a spam email, you could have executed malware or ransomware on your device.  Remember, the cyber-criminal only needs to be lucky once, you have to be lucky every time.

So, what to do about it, unfortunately the only way to rectify and avoid your exposure to spam and thus the chances of clicking on a malicious link is by changing your email address.  This is best done by transitioning emails address information on websites over a period of time.

Cue you: “What!!! You are kidding right? I have had this email for a gazillion years.  My world will cease to function if I have to change it.  You have no idea.  No, frankly it’s impossible, inconceivable. I won’t do it… That’s final.”

Don’t be a victim, do the right thing and protect yourself.

Step 3 – Check your Anti-Virus

Make sure your Anti-Virus is installed, activated with a valid licence and updated.  Remember, in life you get what you pay for.  While there is free anti-virus available it will not protect you sufficiently.  Competition to provide the best anti-virus changes year on year between the main vendors, as they achieve technology breakthroughs in response to the evolution in cyber threats.  The best thing to do is check a site like www.techradar.com or www.pcmag.com for reviews of the best current anti-virus.  There are always new customer deals.  We recommend buying a one-year licence, and then when it comes to renew assess which company has moved to the forefront of anti-malware protection.  There will always be new customer deals to be had.

Have a very Merry Christmas from all at CSS Platinum.

Michael Wills is co-founder and chief data officer for CSS Platinum. 
For further information on the company and the services it provides to Gibraltar businesses and the international yachting industry, please visit https://cssplatinum.com and/or email support@cssplatinum.com.

Hello!  You don’t know me; and just so you know, my intent is you never do.  We have become acquaintances through a business associate of mine.  Well I say business associate, what I actually mean is I bought a stack of stolen data from a vendor on the Dark Web. I have no idea who he is, it just so happens the data file had your email details.  I love the dark web, it is soooo easy to buy things these days.  It’s even simpler than popping down to the supermarket, and certainly safer during these Covid times.

Why is your personal data for sale on the Dark Web?  Well you can blame any number of businesses for that.  Chances are they did not invest and resource appropriately the security of your data and were then subject to a cyber breach by some of my fellow hacker comrades.  My comrades are now making money selling your data to any criminal like me who wants to buy it on the Dark Web. 

Oh, and it’s not just your email address, it’s your associated password, address, mobile number, IP address and any number of other bits of information – really useful in my line of work.  I wonder whether your business or employer is easily hackable – note to self, now that I have you email, I should check that later.

A little bit about me.  I don’t live in your country, but now I have your email and password I can access your life as easily as if I lived next door.  I work for myself and from home – don’t we all these days… LoL.  I don’t keep normal office hours, I operate 24/7; and actually, I outsource a lot of my work to my digital workforce – it’s a computer algorithm really, but I think of them as my team.  What is it that I do?   Well thanks for asking.  I am interested in you; your business; who you know, who they know and what I can steal from any or all of you.  Just so you know, this is not personal.  You are not special.  You are merely one of a number of individuals I am getting to know.   I really am a people person; I just don’t like meeting or talking to you.

One thing that fascinates me is the inherent laziness and naivety of human nature.  I love the fact that most people think “Oh it won’t happen to me…”.  Silly, silly!!  If your information is breached on the Dark Web, it is already happening to you.  You just don’t know it.  And not only by me, but any number of other hacker lovies that have bought your data.

Oh, before I forget, thank you for keeping your password the same for your email, your social media accounts and the majority of your other account logins.  I do appreciate it; you make my job much easier.  It really helps me to get to know all about my acquaintances quicker, and make new friends through you and your network of business associates, friends and family.  Sharing is caring!  It also saves me money by not having to buy more data on the Dark Web.  We all need to tighten our belts during these difficult times.  Right!?!  Also, thank you for not installing multi-factor authentication on your accounts.  You have no idea how much it helps to make sure we never meet, and you have no idea what I am doing.  Again, most grateful.

Just a quick overview on how I see our relationship developing.  Now that I have access to your email, I am going to set up an auto-forward rule on all your email traffic.  My team and I are going to record your business and personal contacts and start “making friends” with them.  We are going to review the contents of your emails to establish what information you deal with that may be of value to me, or I can sell on.  I am also interested to see whether any monetary transactions are passing through your account.  If so, I may contact the payer, simulating your witty and elegant writing style, and inform them that you have updated your bank account details.  Clearly these will be my bank account details.

Just so you know, I have real commitment issues and an acute fear of getting caught.  When I decide our relationship has no more value I am going to move on.  It’s not you, it’s me.  As a parting gift, I might infect your device with ransomware so I can bribe you for one last payment.  Think of it as something to remember me by.  We’ll see…

Oh, one last thing, please do not change your password.  I am making a pretty penny selling your details on, so my friends can also make friends with you.

Michael Wills is co-founder and chief data officer for CSS Platinum.  

For further information on the company and the services it provides to Gibraltar businesses and the international yachting industry,
please visit https://cssplatinum.com or email support@cssplatinum.com.

In last edition of Gibraltar Insights CSS Platinum explored ‘Why and How Cyber Criminals Target Businesses and Individuals.’  In this edition they explain what the Gibraltarian business community should do to be #hardtohack.

What should you do?

Cyber criminality is here to stay and will evolve as those that seek to counter cyber threats evolve.  Effective cyber risk mitigation and becoming #hardtohack requires a comprehensive and resourced cyber-security programme, designed to track and evolve to meet with the cyber threats of today and the future.  This takes consideration, planning and investment.

There are a number of cyber security management frameworks available to assist with the implementation of a cyber risk governance; however, to keep things clear, simple, manageable and non-geeky it is suggested that you focus on addressing the following areas:

• Cyber risk governance: 

What gets planned gets done.  All business should undertake a cyber assurance and maturity assessment to understand their cyber resilience and where their risk and vulnerabilities lie.  These can then be prioritised and addressed in accordance with the greatest risk.

“It is only when you know where you are, that you can plot a course to where you want to go.”

• Secure your team: 

Your team are your biggest strength but also an area of great vulnerability.  Your team will have multiple devices in their possession that have trusted access to your digital networks.  You need to protect against their errors, accidents and sadly occasionally their malicious acts.  This is mitigated by selecting the right team in the first place and training them how to recognise threats, attacks and how to use their electronic devices appropriately.  Consider a service like Crew Check to carry out deep and thorough background checks and the Cyber Licence to ensure a consistent level of cyber security awareness training.

• Secure the supply chain: 

It is easy to assume that every one of your suppliers takes its cyber security seriously, but do they it?  How do you know?  How do they know?  Do they know what good actually is?  92% of cyber-attacks are delivered by email.  Suppliers have trusted access to your inboxes and can be used as a proxy to access your networks.  It is good to trust, but better to check.  You should insist on conducting supplier due diligence as a condition of entering into any contract.  This is fast becoming the norm across all sectors and a requirement of the UK’s GDPR.

• Secure against technical attack:  

Mutating-viruses, worms, trojans, ransomware, spyware, DDOS attack.  Frightening, technical geeky digital tools and weapons that the majority of us do not understand or have the faintest clue how to combat.  Thankfully there are many digital technical controls that can be implemented to meet the cyber challenges of today.  Although, traditional anti-virus is not the modern-day solution.  Artificial intelligence threat detection and quarantine systems are the minimum standard.  Cyber criminals use artificial intelligence to reconnoitre and find your vulnerabilities.  To defend against and beat artificial intelligence you need artificial intelligence – we humans simply cannot keep up anymore.

• Be prepared to respond.  

No security programme is infallible.  If a cyber-criminal is committed to their goal, they will find a way.  The trick is being #hardtohack.  Cyber criminals will seek easier prey when faced with a comprehensive and coherent cyber security resilience.  If an attack is successful, halting it as quickly as possible is your primary concern to ensure you can minimise its scope and scale.  What will you do?  Who will you call?  Do you have a plan?  Have you rehearsed it?

• Mitigate against unanticipated costs (Insurance).  

Should a cyber-attack cripple your business you could be facing some hefty costs.  These could include system repair costs (cyber forensic specialists can charge thousands per day), business interruption costs, delay to schedule, knock-on impact to other clients, adverse media coverage, financial damages claims etc.  This can be mitigated by good cyber insurance, but only if the right insurance is purchased with realistic cover and service levels and having met the minimum cyber security standards for the policy to be valid.

Who should the Gibraltarian community trust to support them?

Find a cyber security company that knows your industry/sector and is a trusted commentator and thought leader.  Seek advice from business associations and the police for trusted suppliers.  CSS Platinum can help to…

Regretfully, for most it is not a case of if a cyber-attack will occur, but rather when.  Addressing cyber security can be an intimidating prospect, but when vulnerabilities are prioritised and addressed proportionately and coherently and then governed effectively the end result is that individuals, their businesses and the Gibraltarian community will be #hardtohack.

Michael Wills is co-founder and chief data officer for CSS Platinum.  

For further information on the company and the services it provides to Gibraltar businesses and the international yachting industry,
please visit https://cssplatinum.com or email support@cssplatinum.com.

Back in a hedonistic time before we were all confined to our homes, CSS Platinum enjoyed a lively panel session at an international industry event in Cortina d’Ampezzo in February, when an Italian the business owner approached us with an interesting question:

“Are cybercriminals really targeting us? Could they actually do all the things you just described? The thing is I am just not hearing about these attacks occurring.” 

A fair question, to which our team at CSS Platinum enquired: 

“If your business had suffered a cyber-attack,
who would you have told?” 

“As few people as possible,” he responded instantly.

Herein lie the reality and the problem. In the competitive business environment, where purchase decisions are made on relationships and trust, cyber-attacks are not reported for fear of the damage it will have on a company’s reputation. The difficulty is that because attacks are not being actively reported, those businesses yet to experience the embarrassment, pain, distress, worry and damage of a cyber-attack do not perceive it a problem. 

Right now, businesses are being actively targeted by opportunists and highly sophisticated criminal networks across the globe. Businesses can be the subject of “target packs” compiled on them by numerous international criminal groups. 

These are not tin-pot criminal opportunists; these are well-financed, highly organised criminal businesses with business plans, budgets and resources available. 

The five personas of Cybersecurity: 

• Those that appreciate the risks and proactively do something about it. 
• Those that have been hacked, never want to experience the pain again and do something about it. 
• Those that may appreciate the risk but consider cybersecurity “techy”, complicated and easier to ignore than try to understand. 
• Those that may appreciate the risk, but do not like the thought of a cyber company crawling unfettered across their devices and networks. So, ignore the issue. N.B.: this is not how cyber companies work by the way. 
• Those that have no idea that they are vulnerable. 

Unfortunately, cybersecurity is here to stay and is no longer something to be ignored. Technology and artificial intelligence continue to evolve at an alarming rate and show no signs of slowing down. This evolution coupled with the reduction in component prices and the prospect of greater connectivity and data transfer rates promised by 5G technology will result in more “things” becoming “smart”, digital and automated and joining the realm of the Internet of Things. 

Smart things require connectivity to a network to enable them to be controlled remotely by devices. Any network connection presents an access point for a cyber-attack. 

Across the globe, doors and windows of homes are locked every night to provide security and prevent uninvited criminal intruders. We are at the beginning of an age where this same approach to security must be the standard for your digital environment. 

Why do criminals target individuals, businesses and their supply chains? 

It does not matter whether you are an individual or a business. The motivations and tactics employed by cyber criminals are exactly the same. 

Consider, what could I do if I have access to your personal or business information networks? What could I do if I can access your photo library, your emails, your Microsoft365 account, your CRM (customer relationship management) system? 

The answer? A lot of really worrying and scary stuff. But why would I want to do this? 

In all likelihood, it is because a criminal organisation wants to steal stuff from you for their benefit or someone else’s. 

This is not a problem that affects individuals and business elsewhere in the world. This is a clear and present threat to the residents and businesses in our community today. As a spokesperson from the Royal Gibraltar Police confirmed: “Cyber criminals are actively targeting individuals and businesses here in Gibraltar. The unique opportunities that Gibraltar presents to individuals and businesses makes them attractive targets to cyber criminals. Businesses and residents alike, must be aware of the cyber risks they face, how and why they are being targeted and should, as far as possible, mitigate those risks by making themselves #hardtohack.”

Let’s assume I’m a criminal… 

• I want to steal things: money; 
• I want to steal personal information, either your own or your customers/clients, for extortion purposes or to enable me to criminally target them; 
• I want to steal commercial information and/or intellectual property for commercial espionage; 
• I want to steal and sully your reputation to give me, or a competitor, an advantage. 
• To steal, I need access: this might be digital access to electronic files or emails or bank accounts, or this might be physical access to your home or business premises. With so many systems now being controlled digitally and by networks, I can use a cyber-attack to provide access to: 
• Your personal devices and emails to steal personal information, or opportunities to divert payments, or lock your devices and blackmail you to regain access. 
• Your business CCTV cameras, conference facilities cameras and microphones to listen for and steal privileged commercial information, or to access your network and steal files, or to lock your network with Ransomware and blackmail you to regain access. 

It is essential to understand that a cyber-attack is not the end goal; it is a tool to achieve a goal. My goal might be theft of intellectual property or personal information or images: access is provided to me via a cyber-attack that enables remote access to your business or home network / devices. Think of it as a metaphoric digital crowbar or rock through a window. 

If I’m a cybercriminal, I can use a cyber-attack in many ways and forms to give me the access I need, when I want it, where I want it, to achieve the conditions I want. Throughout history, military commanders have sought to fight at a time and place of their choosing to ensure they triumph on the battlefield; cybercriminals are no different. 

How do criminals target businesses, their owners and their wider supply chain? 

Criminals seeking to target individuals and businesses are cunning, clever and capable of implementing an elegant, elaborate and elongated strategy to achieve their ends. They are patient and, like a chess player, are capable of planning many moves ahead; with multiple contingencies should situations not unfold as they intend. 

To do this effectively however, they need to gather useful information to formulate a winning plan. As a result, criminals will target as many potential sources of information associated with an individual or business to build the fullest picture (or target pack) of an opportunity. This will include friends, family, staff, customers, suppliers, insurance advisors, legal advisors, and any other individual or company who connects and holds information on an individual or business. 

Think of it as peeling back the layers of an onion’s skin to get to the centre: the target, the goal. Once individual/s have been identified, the criminal will seek to gather information innocuously or coerce the individual directly into passing information or conducting an act that enables further information to be gathered. For a business, this could be access to the business’ network and/or in time, the owner’s business or personal emails and files. 

To find the right individual to trick or coerce, criminals use the internet to identify individuals, businesses and supporting suppliers and target their cyber unpreparedness and weakness. Poor cybersecurity, online security or habits and/or misfortunate circumstances can inadvertently offer an opportunity for an individual to be targeted and/or subverted. These circumstances can include: 

• Social media security settings not applied, meaning posts are available for all to read or view. 
• Poor and/or naïve electronic device usage which presents a cybersecurity risk by navigating to risky or insecure sites, clicking on unknown links, not regularly updating software and application update patches. 
• Large debts, addictions or inappropriate use of illegal or socially taboo sites that may result in a family member or staff member being bribed and/or coerced into providing information on an individual or business or carrying out an act that enables remote cyber access. 
• Not knowing that personal data may have been hacked already and is for sale on the Dark Web which can enable further targeting and even identity theft. 

Once the cybercriminal has the access or information, they require they will apply strategic patience and wait until the conditions are right and the opportunity justifies the risk. 

To conclude: 

Cyber security is a clear and present threat to the individuals and their businesses. Regretfully, for most, it is not a case of if a cyber-attack will occur, but rather when. Addressing cybersecurity can be an intimidating prospect, but when vulnerabilities are addressed proportionately and coherently and governed effectively the result is that individuals, businesses, their owner and those that support them will be #hardtohack. 

About CSS Platinum 

CSS Platinum are international cybersecurity experts. Our ex-military and US Government executive team has over 50 years’ experience in the security and protection of high value corporate and top-secret intelligence data across the MOD, NATO, MOJ, UK/US Government, and leading Fortune 200 and FTSE 150 companies. Further information on the service we provide is available at https://cssplatinum.com, including video content and various whitepapers.

For a free 1 hour consultation about your cyber concerns and
becoming #hardtohack, get in touch: support@cssplatinum.com

The Royal Gibraltar Police have a variety of cyber security resources online: https://www.police.gi/information/cyber-safety