Organisations often don't know what information about them is already publicly available through breached credentials, leaked data, infostealer logs, supply chain exposures and third-party breaches. The first step in improving cyber security is gaining visibility into your digital footprint.
The speakers repeatedly stressed that organisations shouldn't panic because data is exposed. Instead, they should focus on understanding and reducing risk through good cyber hygiene, monitoring and continuous improvement. The goal is resilience rather than perfection.
Modern attackers often don't need sophisticated exploits. They use:
- Stolen usernames and passwords
- Password reuse
- Social engineering
- Publicly available information
- AI-enhanced phishing
Hackers don't break in anymore, they log in.
4. Small pieces of data become powerful when combined
Attackers combine information from multiple breaches over time.
Examples include:
- Email addresses
- Passwords
- Personal details
- Previous breaches
- Social media
- Supplier information
AI now makes it much easier to build convincing phishing attacks using these combined data points.
There is more than one petabyte of stolen, leaked and breached data circulating across criminal ecosystems. Criminals only need one useful credential or forgotten account to gain access.
5. Supply chain risk is now one of the biggest threats
Your organisation's security depends on your suppliers.
Examples discussed included:
- Third-party IT providers
- Software vendors
- HR providers
- Logistics companies
The Marks & Spencer example demonstrated how attackers exploited weaknesses across the wider ecosystem rather than attacking the retailer directly.
6. Social engineering remains a top threat
Several real-world examples showed that attackers often exploit people rather than technology.
Examples included:
- Convincing helpdesks to reset passwords
- Using previously breached information to impersonate employees
- Highly personalised phishing
- Voice scams (vishing)
The message was clear: technical controls alone aren't enough, staff awareness is equally important.
7. Multi-factor authentication (MFA) is essential, but not enough
The speakers encouraged organisations to implement MFA everywhere possible.
However, they also noted that:
- Not every organisation has rolled it out consistently.
- Attackers increasingly target helpdesks or users instead of trying to bypass MFA directly.
MFA should be one layer within a broader security strategy.
8. Good password management still matters
Advice included:
- Use unique passwords.
- Avoid password reuse.
- Use a reputable password manager.
- Don't change passwords unnecessarily unless they've been compromised.
Credential reuse continues to be one of the easiest ways for attackers to gain access.
9. Public Wi-Fi remains a significant risk
One practical example involved stopping someone from logging into online banking over free airport Wi-Fi.
The message was to:
- Avoid accessing sensitive accounts on public Wi-Fi.
- Use mobile data or a VPN where possible.
10. Continuous monitoring is becoming essential
The presentation promoted Managed Detection and Response (MDR) services, arguing that organisations need:
- 24/7 monitoring
- AI-assisted threat detection
- Human analysts
- Rapid incident response
This is particularly important because most attacks occur outside normal business hours.
The key message was that while firewalls, antivirus and MFA are important preventative measures, they cannot stop every attack. MDR helps organisations detect and respond quickly when attackers do get through, reducing business disruption and damage.
11. Cyber security is now a board-level responsibility
Cyber risk is no longer just an IT issue. Directors and senior leaders are expected to demonstrate effective cyber governance, understand organisational risk, and ensure appropriate monitoring and response capabilities are in place. The presentation highlighted GDPR obligations, cyber insurance requirements and the importance of being able to evidence good cyber security practices.
12. Take advantage of a free BreachAware exposure report
The presenters encouraged organisations to be proactive by requesting a free BreachAware report to understand their external cyber exposure. The report provides visibility into publicly available information such as exposed credentials, leaked data, third-party breaches and supply chain risks that may already be circulating on the dark web or other public sources. The aim is to help organisations identify and address risks before they are exploited by attackers. You can request your free report here.