TravelTransfersBusiness
  • Solutions
    Supplier paymentsPayroll processingExpensesManaging risk
  • Why Caxton
  • News
  • API
  • Contact

Future of Payments

How to win the cyber war


This article was first published on LinkedIn. Subscribe to Rupert Lee-Browne's 'Future of Payments' newsletter to read his articles as soon as they are published. <br> <br>

Here’s something that won’t come as a shock to any of us: the bad guys aren’t going away. When talking about cybersecurity, bad actors have unlimited patience to test, test, test your security systems. And the worst part may be that you have to win every day, but they only have to win once. <br> <br> Cyber criminals are becoming richer and more sophisticated, giving them access to wider resources. There are already criminals out there providing CaaS – Crime as a Service. And they’re working hard at breaking all the systems we use. The most recent victim to this is two-factor authentication. What we’ve considered safe so far has in fact been spoofed, and can no longer be relied upon to keep us safe. <br> <br> So let’s start with the premise that you and your company ARE at risk and you NEED to do something about it. There are various issues here – the risks range from data theft to systems destruction via ransomware and basic online fraud. And the methodologies are many and varied. So where to start? <br> <br>

Whose job is it?

It’s easy to say that it’s a board’s job to manage the risk of cyber security. It’s even easier still to say that it is entirely the Chief Information Security Officer’s (CISO) or the CTO’s role to carry the weight of responsibility – and of course the blame when things go wrong. <br> <br> The biggest issue with this is communication between different players. Does the board understand the language the CISO/CTO/CIO is using? Do they indeed understand the very real risks the company is facing? And on the other end, does the CISO/CTO/CIO have enough pull in the organisation to effect that change as quickly as needed? <br> <br> The simplistic answer is that it’s the whole company’s responsibility. The C-suite and board can effect change across the business to a certain extent, and they need to do their part to understand the risks to the business. If you don’t understand the gravity of the threat, you may not give it the attention it needs. So it’s important to me, and I’d say to anyone in my position – to make a real effort to understand what this means. You may not be an engineer, but you need to understand what your CTO is telling you. <br> <br>

Culture Club

When you get down to it, it is much more nuanced than “it’s this person’s job” or “it’s that person’s job”. It is a question of culture that determines how an organisation behaves. Cultures can be toxic or sublime, and every business of more than two people will have its own culture. <br> <br> It’s a way of going about things, the sorts of people it recruits, the language it uses – it’s all the unwritten club-like thinking and doing that is key. And as important it is for your C-suite to live and breathe that culture, it is all the more important how that’s communicated and embedded on all levels of your organisation. <br> <br>

Culture eats strategy for breakfast

So if it’s about cybersecurity, why am I banging on about culture? Because at the end of the day, you can have the most sophisticated systems on the planet, but they’re being operated by people. And people come with a big, built-in security flaw. People, by virtue of wanting to form connections, are susceptible to social engineering. So when those cyber criminals fail to break down your security systems through a DDOS attack, the next step will be to attack your people. <br> <br> Luckily, by the very nature of our built-in flaw, it also comes with its own solution. Creating the right culture around security means that your people aren’t drawn in by social engineering attempts, because they’re already embedded in your culture. If you can make sure that your culture includes that understanding of cybersecurity and the importance of staying alert, you’re one step closer to being a truly secure organisation. <br> <br> At Caxton, cyber security awareness starts from day one. I’m always one of the first people our new hires meet. And I’ll tell them that the single most important thing they can do for us is stay alert. Invariably, what will happen is that a few weeks into the job, a cyber criminal will get access to their details, and they’ll receive a Whatsapp message that looks something like this: <br> <br> “Hello, it’s Ruperrt Lee Brown. Im in importnat meeting and need your help. Pls urgently send funds to [details redacted]” <br> <br> And it’s not always that easy to spot, unfortunately. But as long as we keep hammering home the message, we can ensure that culture and technology work together to keep our information – and more importantly, our clients’ information – safe and secure. <br>

Rupert Lee-Browne

7 October 2022
POST TAGS: currency  |  Online  |  Security  |  Online Saftey  |  Future of Payments
Get social with us
International Transfers

Buying Property Overseas

Buying Luxuries Overseas

International Transfers Blog

Affiliates and Introducers

Travel

Travel Money Cards

Travel Smarter Blog

Travel Money Extras

Travel Partnerships

Business Payments

Manage Currency Risk

Expense Management

Supplier Payments

Payroll Processing

Support

Support Hub

API Documentation

Complaints

Terms and Conditions

Caxton

About

Contact Us

Careers

Press

Privacy Policy

Our Apps

apple app store logo
google play store

Caxton Payments, 2 Leman St,
London, E18FA, UK


Payment Guides By Business Industry

Healthcare Payments Guide

Manufacturing Business Payments

Education Industry Payments

Retail Business Payments

Complete Payment Guides

All Business Payment Guides

Overseas Business Payments

Business Expense Management

Business to Business Payments


Travel Money Guides

Travel Money Guides

How to avoid airport exchange rates

How to save money on holiday

Easy tricks to saving money abroad

Stay safe while shopping online

Holiday cash essentials

International Payment Guides

Pay your child's education overseas

How to plan a wedding abroad

Maintaining property overseas

Repatriating funds overseas

Buying property abroad

Guide to working remotely overseas


©2023 Caxton Payments Limited is authorised and regulated by the Financial Conduct Authority for FSMA authorised business (FRN: 431844) and for the issuing of electronic money and payment services (FRN: 900663). Registered office: 2 Leman Street, London, E18FA, UK. We are also registered as a data controller with the Information Commissioner’s Office, registration number Z7413780.

The Caxton card is issued by PSI-Pay Ltd pursuant to a license by Mastercard® International Incorporated.

Mastercard is a registered trademark, and the circles design is a trademark of Mastercard International Incorporated.