#No.8 Edition

Sharp & curated cybersecurity news to keep your business safe & secure

Hello again, cybersecurity enthusiasts, apprentices, and newcomers 🚀!

Twice a month, we’re “hacking” your feed with AROBS Cyber News(letter) – fresh and straight from the cybersec bubble 🔒. We promise to keep it short and sharp ✂️.

Here’s what you’ll find in our sections:

• The Only Article You Need to Read This Week 📝

• The Specialists’ Take 🎯

• You Need to Know That 📖


Threats via Google Forms – Why Advanced Cybersecurity Solutions Are Critical

Cyber attackers are increasingly abusing Google Forms to launch phishing campaigns that bypass traditional email security. By exploiting Google's trusted domain and encryption, malicious forms appear legitimate, tricking users into divulging sensitive credentials such as corporate passwords and banking information. 

Since links to Google Forms come from a trusted *.google.com domain, most traditional defences based on domain reputation or URL filtering fail to detect these threats. Attackers often mask their activity with URL shorteners and webhooks, making detection even more challenging. 

Industries such as finance and education have already seen a 63% increase in Google Forms-based phishing attempts, clearly signalling that traditional security solutions are no longer sufficient. 

Organisations must now deploy advanced email security, enforce SPF, DKIM, and DMARC, implement multi-factor authentication, and provide regular phishing awareness training. 
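Because the host in these links is a trusted Google domain, a filter has to look at the URL path and the message wording rather than domain reputation alone. The sketch below is an added example, not from the newsletter or the linked article; the shortener list, credential keywords, and sample messages are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.I)
# Wording that asks for secrets; constructed list, tune for your organisation.
CRED_RE = re.compile(
    r"\b(password|passcode|card number|bank|log ?in|verify your account)\b", re.I)
# Assumed sample of public shorteners; a real gateway would use its own list.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def classify_url(url):
    """Classify by host AND path, since the host alone is a trusted Google domain."""
    parts = urlsplit(url.rstrip(".,;"))
    host = (parts.hostname or "").lower()
    if host == "forms.gle":  # Google's own short-link host for Forms
        return "google_form"
    if host == "docs.google.com" and parts.path.startswith("/forms/"):
        return "google_form"
    if host in SHORTENERS:
        return "shortener"
    return "other"

def triage(body):
    """Return the set of signals a mail filter could act on for one message body."""
    kinds = {classify_url(u) for u in URL_RE.findall(body)}
    signals = set()
    if "google_form" in kinds:
        signals.add("form_link")
        # A form link plus a request for secrets is the pattern worth quarantining.
        if CRED_RE.search(body):
            signals.add("form_link_with_credential_request")
    if "shortener" in kinds:
        # The final destination is unknown until the short link is expanded.
        signals.add("expand_short_link_before_verdict")
    return signals

# Constructed sample messages (not real campaign data).
PHISH = "IT notice: confirm your password at https://docs.google.com/forms/d/e/EXAMPLE/viewform today."
SURVEY = "Please vote for the team lunch: https://forms.gle/EXAMPLE"
SHORT = "Update your bank details: https://bit.ly/EXAMPLE"
DOC = "Agenda is here: https://docs.google.com/document/d/EXAMPLE/edit"

if __name__ == "__main__":
    for name, msg in [("PHISH", PHISH), ("SURVEY", SURVEY), ("SHORT", SHORT), ("DOC", DOC)]:
        print(name, sorted(triage(msg)))
```

A plain survey link only raises `form_link`, so the stronger signal can drive quarantine while the weaker one feeds user-facing banners or logging.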

Read more about the topic here: 

https://cybersecuritynews.com/google-forms-weaponized/ 

Cybersecurity Budgeting Should Start with Risk, Not Tools

The Specialist

Iulia Raboi is a Project Manager in Cybersecurity in our Software Services Division.

In many companies, especially small and medium businesses, cybersecurity budgeting often starts with product pitches: a flashy new firewall, an AI-driven detection system, or a must-have new platform.

However, from my perspective, buying tools without a clear understanding of your risks will lead to inefficiencies and vulnerabilities. 

Analyse before investing

You might overspend, misallocate, or even worse, leave critical gaps uncovered.

The more suitable approach is to start with a risk-based cybersecurity plan:

  • What are the most valuable assets in your organisation?
  • Where is your sensitive data stored?
  • What threats are most likely to impact your industry? How?

These are the questions that should drive budget decisions. Prioritising budgets based on business impact, not fear or vendor hype, ensures that every amount spent reduces risk or solves an identified problem.


The threats are real

When considering critical gaps and business impact, let's examine Marks & Spencer, a significant player in the UK market. This month (April 2025), they faced a major cyberattack, leading to 5 days of suspended online sales and a drop in the company's stock market value of more than £500 million. It can happen to anyone.

This incident highlights the importance of conducting regular and thorough risk assessments to identify potential vulnerabilities and implement effective security measures that protect against cyber threats.

A risk-based cybersecurity plan prioritising high-impact scenarios like ransomware and supply chain breaches might have minimised disruption and response time, reducing downtime and financial loss.


Say less, do more

According to PwC's 2025 Global Digital Trust Insights survey of ~4,000 businesses from across 77 countries:

  • 88% of executives say cyber risk measurement is essential, less than 50% do it effectively, and only 15% quantify the financial impact of cyber risks to a significant extent.
  • Only 2% of executives report full implementation of cyber resilience across all areas.


Let's start simple.

You may not need another security tool this quarter, but you should run a phishing simulation and finally fix your password policy.

Perhaps your most significant gap isn't technical, but rather a lack of user awareness or an inadequate incident response plan.

If you're progressing with your cybersecurity posture, look at your suppliers next.

A clear, risk-first mindset gives your cybersecurity efforts direction and purpose.

As someone who manages both projects and people, I've seen security initiatives fail not because of weak technology but because of misaligned priorities. 

Start with risk. Build your roadmap around it. Then, bring in the right tools to support the mission, not the other way around. 

What Is an Incident Response Plan

When a cyberattack strikes, every second counts. An Incident Response Plan (IRP) is a structured guide that outlines how your business should respond during a cybersecurity incident, whether it involves a phishing attack, ransomware infection, or data breach. Everyone should know their role, the steps should be clear, and chaos should be replaced with coordinated action.

An effective IRP covers key stages, such as:

  • identifying the incident
  • containing the threat
  • eliminating the cause
  • recovering systems
  • learning from the event to prevent future attacks.

Without a plan, companies risk losing valuable time, making costly mistakes, and facing even more severe consequences, ranging from financial loss to reputational damage.

Here's the reality:

  • Cyberattacks are no longer a possibility; they're a probability.
  • Having an incident response plan isn't a luxury; it's a necessity.

If your business doesn't have an Incident Response Plan (IRP) yet or if your team is unsure what to do in the event of an attack, now is the time to act.

We're here to help you build a simple, straightforward plan that is ready when needed.

Contributor: Iulia Raboi, Project Manager in Cybersecurity

Stay safe, stay secure!
