The last few months of quickly switching between office-based and home working, or maintaining a hybrid of the two, has left many businesses on the back foot when it comes to making sure their operations are secure.
Cybercrime is big business, and the 2020 Cyber Security Breaches Survey from the National Cyber Security Centre makes for an interesting read, detailing the increase in cyberattacks across the economy.
Attacker profiles range from individuals to multi-million pound operations profiting from their crimes. If you want an eye-opening glimpse into the dark side, browse YouTube for cyberattack examples and see just how easy it is for attackers to gain access to your organisation’s systems and data.
Many attacks are relatively basic and might include fairly simple phishing or malware attempts, while others are more advanced and could see your organisation frozen due to a denial of service attack, or held to expensive ransom. Whatever the circumstances, you could be looking at loss of business, fines, damage to your reputation and even a scenario that puts you out of business.
It would be foolish to claim we can eliminate risk, but there are many measures we can take to reduce the chances of a successful cyberattack.
If you haven’t already got the government-backed Cyber Essentials and Cyber Essentials Plus certifications under your belt, you are missing out on a simple but effective way to guard against the most common threats.
Suitable for all organisations of any size, working in any sector, having one or both of these certifications demonstrates your commitment to cyber security and gives you an overview of how effective your cyber security is.
The Cyber Essentials scheme was created by a government-led consortium which included UK business organisations and security bodies, and involves two badges.
Stage one is Cyber Essentials, which involves a self-assessment questionnaire with open ended questions on five basic security controls – secure configuration, boundary firewalls and internet gateways, access control and admin privilege management, patch management, and malware protection.
Stage two is Cyber Essentials Plus. This includes the same core requirements as Cyber Essentials, adding in an external certifying body to use a range of tools and techniques to test your systems and controls and expose any weak points that might allow the hackers access.
Having the certifications in place is mandatory if you want to bid for certain public sector contracts, and an increasing number of public and private sector organisations are also making it a supplier requirement.
We have helped hundreds of organisations achieve Cyber Essentials and while is an excellent base for promoting cybersecurity health, it is only intended to get you started on first stages of the security journey. The constant shifting of the threat landscape has sparked an increase in the number of organisations who feel out of their depth and want to switch to buying security as a utility, hence the creation of our Cyber Security as a Service (CSaaS) model.
We believe that the client should retain control and our consultancy services, workshops and training sessions and support framework are all designed with that aim in mind, giving clients as much or as little help as they need to put robust security controls in place.
If you want the reassurance of working with the leading North East IT security experts with a 20-year track record and a reputation for taking the lead on cyber security issues, give us a call to find out how we can help deliver the peace of mind that your business is protected.