From its origins in the United States in 2004, many countries across the globe now designate October their ‘national cyber security month.’ While cyber security requires year-round vigilance, this month-long initiative is intended to foster awareness of online security best practice and focus the minds of public, corporate and individual IT users on the cyber threats that exist.
However, you may be asking: ‘I haven’t suffered a serious cyber-attack, so why should I start worrying about my business’s cyber security now?’
The growing threat in numbers…
Countless reports, both domestic and international, suggest that cyber criminality poses a greater threat to organisations than ever before.
In March of this year, the Department for Digital, Culture, Media and Sport published its annual ‘Cyber Security Breaches Survey.’ Although the report found that the proportion of businesses identifying cyber-attacks was broadly similar to the previous year – at 39% – concerning new statistics show that attacks are increasing in frequency. In the 2022 survey, 31% of the businesses which identified attacks said that such attacks were occurring at least once a week. The same figure in the 2021 survey was lower, at 27%, and back in 2017 this figure stood at just 22%.
These figures are consistent with global data suggesting a sharp upward trajectory in the prevalence and effectiveness of cyber-attacks, with the global cost of cybercrime expected to reach $10.5 trillion in 2025, compared with just $3 trillion back in 2015. Sadly, for SMEs the bad news doesn’t stop there, with a 2021 report by Barracuda Networks suggesting that smaller firms are over 3 times more likely to be targeted by cyber criminals than large corporations.
So what action can I take to bolster my cyber defences?
The ‘Cyber Essentials’ accreditation scheme, administered by the National Cyber Security Centre, recommends 5 key baseline controls designed to offer substantial protection against roughly 80% of cyber attacks. So why not mark Cyber Security Awareness Month by assessing your business against these recommendations, and get your team talking about cyber security?
Here are the 5 key steps for cyber success as recommended by Cyber Essentials:
Firewalls remain an indispensable security tool, acting as gatekeepers to your digital estate. They can be deployed in software or physical form, at the edge of a LAN (local area network) or at device level. Using preconfigured ‘rules,’ firewalls permit or block the passage of data to and from your network with the aim of preventing malware from shady corners of the web infiltrating your digital assets.
To ensure your firewall protections are functioning optimally, perform regular audits ensuring that all devices used fall within the scope of firewall protections, particularly remote devices likely to be used outside of your trusted office network. Check in with your firewall administrator, and review ‘rules’ pertaining to the web resources and services your team can access, and remove access to those you no longer use.
- Using a boundary firewall to protect your office network.
- Installing software (or ‘personal’) firewalls on devices likely to be used outside of your network.
- Configuring firewall ‘rules’ which restrict traffic to sites not required for work purposes.
Securely configure all devices and software
New devices and software programmes often feature latent security features that end-users overlook or simply fail to initiate. These features are almost never configured by default, with manufacturers and developers keen to make their products as accessible as possible ‘out-of-the-box.’
Again, consider auditing new tech acquisitions for maximum security, ensuring that unwanted applications are removed, default passwords are changed to higher security alternatives and that features like screen lock protections are activated. Consider instating multifactor authentication where you have this available, including biometric and password-less authentication for added security.
- Disabling/removing unnecessary functions and applications.
- Changing default passwords to improve security.
- Enabling conditional access requirements (multi factor authentication) where available.
Manage your identities and enforce strict user access controls
Governing identities and access to corporate resources requires constant vigilance.
Start by considering the user accounts most highly prized by cyber criminals: admin accounts. Administrative privileges should be restricted to as few users as possible, and should ideally be hosted within dedicated accounts with severely restricted web access to reduce the risk of malicious intrusion.
More broadly, security best practice dictates that access to business-critical resources and data should be permitted on a strictly as-required basis to minimise security risk, and file-level controls should be applied to safeguard highly sensitive information. Consider using an identity and access management platform like Azure Active Directory in order to remotely extend and withdraw access, enforce enhanced authentication measures and gain oversight of your organisation’s identities.
- Using dedicated ‘admin only’ accounts for administrative tasks.
- Granting little to no administrative privileges to general accounts.
- Using identity management solutions for easy identity/access governance.
- Only installing software from trusted, official sources.
Deploy Malware countermeasures
A combination of the words ‘malicious’ and ‘software,’ malware refers to the code used by hackers to steal, corrupt or compromise corporate data typically for financial reward.
Anti-malware tools have a role both in reducing the likelihood of malware intrusion and taking action against malicious code that does find its way through any filtering mechanisms. Email filtering is a useful preventative measure to safeguard one of the most precarious portals to your organisation’s IT system: the email inbox. By comparing email addresses against known untrustworthy domains, URLs and IP addresses, email filters can block items believed to be coming from a malicious source. Some filters also feature signature-based attachment scanning capabilities, allowing malware-infested attachments to be intercepted and quarantined.
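The filtering checks described above, as an added example that is not from the original article or from any particular product: a message's sender domain, relay IPs, embedded URLs and attachments are compared against lists of known-bad indicators. All indicators and the sample message are constructed, and a plain SHA-256 lookup stands in for signature-based attachment scanning.

```python
import hashlib
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Constructed indicators for illustration only (not real threat intelligence).
BAD_DOMAINS = {"malicious.example"}
BAD_URL_HOSTS = {"login-update.example"}
BAD_IPS = {"203.0.113.7"}
BAD_SHA256 = {hashlib.sha256(b"constructed-malware-bytes").hexdigest()}
URL_HOST_RE = re.compile(r"https?://([^/\s:>\"']+)", re.I)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def filter_email(raw):
    """Return the reasons to quarantine a raw message (empty list = deliver)."""
    msg = message_from_string(raw)
    reasons = []
    # Sender address domain against known untrustworthy domains.
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain in BAD_DOMAINS:
        reasons.append(f"sender domain {domain}")
    # Relay IPs recorded in Received headers against known-bad IPs.
    for hdr in msg.get_all("Received", []):
        reasons += [f"relay ip {ip}" for ip in IP_RE.findall(hdr) if ip in BAD_IPS]
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        if part.get_filename():
            # Attachment: hash of the decoded bytes against known signatures.
            if hashlib.sha256(payload).hexdigest() in BAD_SHA256:
                reasons.append(f"attachment {part.get_filename()}")
        elif part.get_content_maintype() == "text":
            # Body text: host of every embedded URL against known-bad hosts.
            for host in URL_HOST_RE.findall(payload.decode("utf-8", "replace")):
                if host.lower() in BAD_URL_HOSTS:
                    reasons.append(f"url host {host.lower()}")
    return reasons

def build_sample():
    """Constructed message that trips all four checks."""
    m = EmailMessage()
    m["From"] = "Accounts <billing@malicious.example>"
    m["Received"] = "from mx.malicious.example ([203.0.113.7]) by mail.company.example"
    m.set_content("Pay here: https://login-update.example/pay")
    m.add_attachment(b"constructed-malware-bytes", maintype="application",
                     subtype="octet-stream", filename="invoice.exe")
    return m.as_string()
```

Exact-match lists only catch indicators that are already known, which is why the article pairs filtering with endpoint anti-malware and XDR.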
System-wide XDR (extended detection and response) platforms offer more sophisticated anti-malware countermeasures, with the ability to detect and remediate attacks in real-time, plus detailed post-attack analysis. Such platforms can provide threat oversight and governance across on-premise, hybrid and cloud environments.
In addition to the technical measures we’ve discussed, another vital way to reduce the chance of malware intrusion is to close off unnecessary entry points. This can be done by drawing up a ‘whitelist’ of approved, trusted and business critical applications and auditing network connected devices ensuring only approved applications are present.
- Installing anti-malware software on all endpoint devices.
- Prohibiting the use of public WiFi networks to prevent eavesdropping attacks.
- Using email filtering to prevent malicious attachments reaching your email inboxes.
- Creating a ‘whitelist’ of approved software and prohibiting the download of applications not on this list.
- Using XDR (extended detection and response) tools for more advanced threat protection.
- Using ‘sandboxing’ to test software in an isolated environment, precluding the spread of malware to the rest of your network.
Ensure hardware and software is fully up to date
Cyber criminals are always looking for software weaknesses through which to launch an attack. Don’t give them the opportunity: ensure all your devices and programmes are running with the latest updates and security patches installed.
- Applying patches and other updates as soon as they become available.
- Enabling ‘auto update’ functionality where available, including on phones, operating systems, programs and applications.
- Discontinuing the use of unsupported devices and software.
An additional recommendation: Cyber Security Awareness training
In addition to the technical measures outlined above, we strongly recommend engendering a culture of cyber security awareness in your business.
The reason for this is simple: most cyber-attacks seek some form of end user compliance. The Cyber Security Breaches survey 2022 discovered that of businesses which reported cyber attacks in the 12 month survey period, a whopping 83% encountered phishing attempts, making this by far the most common vector of attack. Such attacks are often called ‘social engineering attacks,’ as they rely on end user deception and emotional manipulation to achieve their aims.
- Familiarising your team with the tactics used by phishing scammers. Focus heavily on some of the more sophisticated, targeted scams, including spear phishing and CEO fraud. Make your team aware of email spoofing and encourage employees to be wary of emails making unorthodox payment requests.
- Making your team aware of phone-based phishing scams. Ensure your employees know that phishing scammers also operate via the medium of telephony and text message. Instil a culture of natural suspicion, encourage your staff to verify identities and require the use of legitimate channels for authorising payments.
- Using attack simulation tools to test readiness. Use phishing simulation tools to gauge your team’s ability to identify malicious emails. These tools imitate the emotive language and other manipulative tactics used by phishing scammers, without obviously subjecting your environment to any risk. This can be a great way to identify opportunities for further security training and development.
Cyber security isn’t just a one month a year thing.
Cyber security requires year-round vigilance. SolCo are trusted by over 350 UK businesses to look after their security; let us take care of yours for you. Guided by our “security first, business a close second” philosophy, our solutions offer watertight data protection capabilities while synching seamlessly with the demands of your business. Contact us today to learn more.
SolCo IT Support Reading
Based in Reading, Solution Consultants provides IT Support, Telecoms, and Cloud solutions for SMEs across the Thames Valley. We get to know your business, challenges, and goals and deploy scalable and agile technology solutions that make a real difference.
We specialise in simplifying IT, making valuable technology more accessible than ever before. We believe technology has the power to transform your business and open access to new markets.