Take a zero-tolerance approach to Cyber Hygiene

Although rapid deployment of remote working infrastructure, tools and software may have succeeded in supporting staff working from home during the pandemic, many organisations have suddenly been hit with the harsh reality that they actually failed to create a ‘cyber safe’ environment. In fact, it could be argued that the acceleration of digital transformation has, in turn, resulted in gaps, weak spots and lowered cyber defences. Malicious actors are continually adjusting tactics to exploit the most vulnerable targets, and during the pandemic gateways to new forms of data theft were opening in every direction. Each new VPN became an internet-exposed attack surface, and every piece of video-conferencing software posed new security risks. In fact, between the period of February and May 2020, the personal data of more than 500,000 video conferencing users were stolen and sold on the dark web. Attackers have been able to ‘Zoombomb’ online meetings, access sensitive information on unpatched devices and breach security software that haven’t been properly configured. Statistica states that during the first half of 2022, there were a staggering 236.1 million ransomware attacks worldwide. This came at a time when many companies were storing personal information and sensitive documents in the cloud for the first time. Of course, as an industry, we are fighting back to offer improved cyber security and cyber resilience. This has meant we are seeing increasing layer protection across all devices, applications, networks, and systems to keep data safe and ensure there’s the right levels of capacity and capability to detect, respond and recover from emerging threats and vulnerabilities. Security experts are developing cutting-edge detection and interception technologies using automation and machine learning. This has the capability to transform cyber security in the near future. The downside? Criminals have access to the same technology, but with very different plans. Robust technology defences are a must to protect your business, but many of the recent attacks are targeted at your people, not your systems. This is backed up by the fact that 61% of all breaches involve user credentials. A new phenomenon has bred, as a result, the digital identity crisis, a world that involves hackers logging in with the company keys. Social engineering techniques depend on human error to provide access to valuable data and systems. Unsuspecting users are targeted on and offline with increasingly convincing phishing and vishing scams. And they are often successful because humans can be the weakest link in the security chain. Add to that the increased interruptions and distractions many have experienced – and still do – when working from home, along with the isolation from team members which increases stress levels for others. Your employee’s focus only needs to slip for a moment to open the door to a malicious actor. Your staff know this, and they feel vulnerable. This is upheld by the fact that 32% have noticed an increase in speculative criminal activity, and 19% of people working from home don’t feel they have the skills and training to stay safe. As businesses, we know the cyber hygiene processes that should be followed to maintain the health and safety of our networks and data, and the lapses exploited during the pandemic have been a reminder that these simple but critical precautions can’t be rushed, delayed or overlooked. For example, patches and updates should be applied rapidly, backups should take place regularly, and firewalls and security software should be properly configured. Access privileges should be reviewed, incident response plans should be updated, and security awareness training should be comprehensive and ongoing. The complex environment created by mass remote working has turned every server, device, application and employee into a potential attack vector. But those aren’t the only risks associated with your revenue stream. In an increasingly connected business landscape, the security effectiveness of every partner and supplier should be considered. In one survey, 88% of respondents are concerned about the cyber resilience of SMEs in their supply chain. Thereby, it’s no longer just about closing the security gaps to protect yourself from financial, legal and reputational damage – if you can’t prove high levels of detection and protection, you could be considered an unmitigated risk, and lose out to someone who can.
You may be interested in
Businesses are losing money and jeopardising security to IT sprawl and quick fixes, says Espria
IT Leaders must take action on unchecked technology sprawl and shadow IT that are draining budgets, increasing cyber risks, and complicating their digital environment. According to a recent study, budgets towards insider risk management have doubled in the past 12 months, with 81% of business leaders looking to secure their internal business infrastructure as geopolitical tensions escalate and remote workforces become the norm. ‘Digital transformation ushered in new possibilities and solutions for computing, but it also introduced a potential for sprawl that burdens IT teams everywhere,’ said Brian Sibley, Virtual CTO at Espria. ‘When faced…
Espria launches Espria Connect, enhancing Microsoft Teams with Advanced Unified Communications
The new product, Espria Connect, isn’t just another telephony solution. It’s a game-changer, offering a cost-effective, scalable, and secure telephony solution for SMBs, mid-market and enterprise customers. Combining the power of Microsoft Teams with Cloud-Based Unified Communications, Espria, the leading managed services provider, is excited to introduce Espria Connect. This powerful solution streamlines business communication infrastructure and addresses the growing demand for a unified communication solution that supports hybrid work environments. Designed for businesses of all sizes, Espria Connect allows users to manage voicemail, make and receive calls, and access a diverse range of other…
Reimagining education: How AI is changing the way we teach, learn, and collaborate in schools
Technology has long been used by educators to support teaching and operations, facilitating staff with a wide range of platforms and resources. A particular tool that has sparked both controversy and curiosity is the inclusion of artificial intelligence (AI). A study by BCS, the Chartered Institute for IT, found that most teachers are reluctant to use AI for pupil learning with 84% of educators not changing the way they assess their students’ work. This comes after Ofsted recently launched an independent review on the use of AI in schools and how to develop the understanding of…
Espria launches CSP renewal assessment service
Leading managed service provider launches new service to address the costs associated with software sprawl, helping to drive down OpEx as businesses increasingly feel the financial squeeze. Espria, a leading digital solutions provider, has launched a free M365 Licence Assessment programme to help businesses save costs by reviewing existing licence estates and identifying those licences not in use or no longer being utilised. With Microsoft recently changing how they sell and structure licenses, businesses must now reassess their current M365 licenses, looking for ways to reduce costs and keep the capabilities they need as they…
Your guide to leveraging NCE pricing to get the best value
Renewing your Microsoft Licensing Agreement is an opportunity to align your IT strategy with your business goals. It allows you to take advantage of the latest technologies, optimise costs, and ensure compliance with industry standards. While this might seem straightforward at first glance, to achieve the best value and biggest discounts, it’s often more complex than it appears and navigating the renewalprocess requires careful planning. In this Blog we will walk through what you need to know about the new Microsoft Licensing rules,when to get the best value from your renewal, and how to review…
Loving your customers with AI, cybersecurity and peace of mind with MSP support
2024 has marked a massive shift for SME IT needs, as creating an appropriate and optimised business strategy has become an increasingly difficult challenge for business owners and IT operators nationwide.