Contact Graeme
Journalists, students, potential clients or anyone else, email:
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
No AI Used Here
Collins Aerospace, Harrods, M&S, Co-Op and Jaguar Land Rover – Don’t say social engineering is impossible to prevent, try to mitigate it with these tips
- Category: Cyber Security (Personal)
There is always speculation and “leaks” from staff or contractors (incident response firms maybe) telling how the bad guys got in. Many sources say social engineering via phone, email, Teams or via their supply chain. No, this is not the zero days seen in Stuxnet or unseen malware at all. Just some online research and good acting or writing skills aimed at staff, or at staff in the supply chain.
Many folk say users are the weakest link and are stupid, which is unfair. Even a well-trained general employee or seasoned cyber security bod (informal for body) will fall for something in time. Take a solicitor for instance: he/she has a specialist topic in law and is great at that. He/she is not good at IT and less so at cyber security awareness. A cyber security bod is not good at law, so it is unfair to put employees down.
In this article I will cover four defences, which still lack low-level detail. No, I will not be covering “normal” items like SIEM/SOAR/patching/EDR/XDR etc. That is not to say these are not needed.
Blackwall & Silvertown Tunnel PCN (fine): Even my bank’s fraud team agrees it is a scam
- Category: Private Thoughts
If you use a toll in Europe, Tunisia, the Philippines and many other places, it is clearly signed and typically there is a toll booth to ensure you pay. Here both points are lacking, especially the second. As normal, government entities as well as private firms like supermarkets (checkouts) are trying to automate everything to save money. There is of course likely another sinister reason. With no toll booth, many people like me do not even notice they are on a toll road/bridge/tunnel, or forget to pay the toll within about three or days. Hmm. A great way of generating outrageous fines!
We allegedly used the toll section on a Sunday last month, which means we should pay the off-peak fee of £1.50. It is £4 for peak, and you can set up auto pay if you use it a lot, which wouldn’t be me since I did not even notice where I was. £1.50 is a fair price and £4 is okish. Charges were only introduced on the 7th April this year, despite half of the tunnel being opened in Victorian times.
So, you would imagine the fine would have some leniency or be fair. No, nothing is in this greedy country. You would imagine maybe you would get a warning or be fined 10x only. It is £180, or £90 if you pay within 14 days. 60x is the charge for this, or 120x for the £180. The price goes up to £270 if you do not pay within 28 days.
diskAshur PRO3 SSD 256-Bit - Top Security PIN Authenticated/Hardware Encrypted High-Capacity External SSDs/HDDs
- Category: Technical Product Reviews
Designed & Assembled In: UK | Website: www.istorage-uk.com | RRP: from £288 (HDD less)
| Simplicity | Value | Documentation |
| 5/5 | 3.5/5 | 5/5 |
| Functionality | Performance | Overall |
| 5/5 | 5/5 | 94% |
What Is It In Under 20 Words?
An external USB SSD/HDD drive with inbuilt encryption & authentication to protect data stored on it.
What Does This Solve?
Unlike USB sticks, secure or not, this option offers far greater storage, and you could argue this is for more long-term storage since SSDs/HDDs tend to last longer than a USB stick.
These could be used for a sole backup, as part of the 3-2-1 rule which is explained below, or for long-term archiving when access is seldom needed.
Maintain three copies of your data. Two on-site, i.e. an external hardware encrypted drive like this, and a Network Attached Storage (could be hacked or encrypted by ransomware). Lastly, one off-site copy which could be cloud or a hardware encrypted USB or external drive like this.
For some folk, off-site cloud sync or SaaS backups like Dropbox, OneDrive or Google Drive are not an option, either because they do not allow cloud data storage or because their clients insist against it. Take a photographer, one I know personally, who digitally photographs high value art for wealthy collections (museums or trust collections) or UHNWI. The photos are stored and shared somehow, and are needed for catalogues & insurance purposes.
Criminals or current/ex wives (or husbands) may be interested in such photos since they perhaps tell them where the artwork is stored and its value. Some of these folk or entities may be concerned about cyber security & privacy, and ask for storage not to be cloud based. This applies to the laptop/desktop and the backup method. Since such photos could be 10-100MB each, a USB stick will not cut it and a 2-16TB external encrypted drive would definitely cut it.
