The ‘New Cold War’ continues to mark urgency for organisations to bolster cyber-resilience

It’s no secret that the consequences of the Russia-Ukraine war are widespread, impacting the world in ways no one could have foreseen. As the tension continues, organisations have noticed a sharp increase in cyber-attacks. According to Bridewell Consulting’s research, 86% of organisations have reported an increased number of cyber-attacks since the start of the Ukraine war and 69% worry their systems are vulnerable to attack. With sustained attacks including DDoS, new data wipers, phishing campaigns and malware on government organisations, businesses across the globe are in danger of being caught in the cyber-crossfire.

The cyber threats are particularly concerning for critical infrastructure where IT and OT/ICS are highly interconnected. In these circumstances, a compromise may have a domino effect leading to potentially devastating consequences. While nation-state hackers may display a sense of focus and restraint, an ad-hoc army of freelance hackers is more unpredictable, leading to new vulnerabilities for both people and businesses. This surge in cyber-attacks creates a unique sense of vulnerability for businesses. With heightened cyber-risks, there is an urgent need for organisations to become cyber-resilient. The Government department for Digital, Culture, Media & Sport (DCMS), along with Julia Lopez MP has urged businesses and charities to strengthen their cyber security practices now. This comes at a time when the National Cyber Security Centre has published guidance on the steps organisations can take when the cyber threat is heightened. It’s imperative for businesses to focus their attention on their cyber security efforts, starting with what has failed in the past and seeking solutions to address these failures. This will allow businesses to learn from previous mistakes and take ownership of their own network security, or risk being collateral damage in the cyber crossfire. Aligning digital transformation with cyber-resilience Many businesses fast-tracked their approach to digital transformation during the Covid-19 pandemic. As such, organisations were forced to ease security procedures to help staff adjust to remote working, creating a variety of security issues. The emerging all-digital lifestyle and work-from-home environment will continue to complicate cyber security and give criminals new vulnerabilities to attack. In Deloitte’s recent article on the impact of Covid-19 on cyber security, it highlights a Swissinfo.ch report of figures from the NCSC (National Cyber Security Center) for June 2020. These figures indicated individuals working at home do not have the same level of inherent protection/deterrent measures compared to an office working environment. Reimagining traditional password security The main reason criminals easily gain access and command over a network is due to the inherent weaknesses apparent in the traditional approach to network security. In the office workspace, organisations distribute passwords to their employees directly, rather than having an employee craft a key themselves. The power lies in the hands of the business, rather than the individual. But when companies went digital, they flipped that process around. Suddenly, they let their employees create their own keys to every system, transferring ownership and control of access to them. From that moment, organisations no longer knew or had control over when, where, and how employees would share, lose, or reuse passwords. The ability for employees to share, lose, and reuse their passwords without their organisation knowing, leads to tactics such as phishing, social engineering, credentials stuffing and password spraying to allow cyber criminals to get past unsuspecting users. Cyber criminal’s access points Loosening the security rules and regulations on staff to support remote work continues to cause several security issues. For instance, it has proven to be problematic to blindly give untrained staff permission to connect their personal devices to the enterprise network or use employer-supplied computers for personal use. Doing so can create various problems, even something as simple as clicking on a phishing link within a personal email, can cause enormous disruption, if only to the work flow of the IT team tasked with resolving the issue. The problem is compounded as employees increase the chances of a threat through their personal Wi-Fi networks that have no security policies in place. Once connected they’re often using a VPN, granting open-ended authorisations to access entire suites of corporate files and data, without background verification checks or security reviews. Regain control of your network, before it’s too late Businesses should invest to secure their networks. They should adopt a high-bandwidth network infrastructure, upgrade security protocols, establish internal policies giving guidelines on how employees should protect company data and information, and improve password protection by enforcing multifactor authentication. Faced with the increased risk of getting caught in the cyber crossfire, it is not too late for organisations to take responsibility for the security of their networks and make their digital infrastructure cyber-resilient.
You may be interested in
Outgrowing your MSP; businesses need a provider that scales with their growth
To stay competitive, business leaders must align with MSPs that deliver strategic value, drive innovation, and support to scale. Now firmly into 2025, it’s becoming clear what the year has in store for the IT landscape. For SMBs, the message is clear: business growth must be matched with smarter, more scalable managed services. The demand for cyber-resilient, cloud-first and AI-integrated solutions is no longer a forecast – it’s a reality already shaping business priorities. According to leading global technology market analyst firm Canalys’ MSP Trends 2025 report, the MSP model is transforming under growing pressure…
End of windows 10 support signal urgent action needed from UK organisations as cyberattacks continue to rise
Recent breaches at major UK retailers, combined with the approaching end of life of Windows 10, highlights a critical moment for IT resilience planning The recent wave of cyberattacks targeting major UK retailers has highlighted the growing security risks associated with organisations running outdated systems and applications and maintaining weak identity verification protocols. These incidents—particularly those involving Marks & Spencer and the Co-Op—have starkly exposed how vulnerable legacy infrastructure and insufficient access controls can be. In both cases, attackers successfully posed as legitimate employees and manipulated IT help desks into resetting internal passwords, ultimately gaining…
UK SMEs must fortify their cybersecurity against geopolitical risks, says Espria
A recent Sky News investigation highlighted an uptick in cyberattacks tied to the Iran conflict that are targeting businesses across multiple sectors. Speaking at the NATO Summit, Prime Minister Sir Keir Starmer urged UK businesses, regardless of size or sector, to prioritise cybersecurity and ‘take immediate steps to review and strengthen their defences.’ While the warning is timely in tone, businesses are already becoming targets of politically motivated cyberattacks, emphasising the need for heightened vigilance. “As tensions spread globally, threat actors will continue to exploit digital vulnerabilities, and neutral businesses may be caught in the…
End of windows 10 support signal urgent action needed from UK organisations as cyberattacks continue to rise
End of windows 10 support signal urgent action needed from UK organisations as cyberattacks continue to rise
Why Businesses Should Invest in ESG: Lessons learned by Espria
In today’s competitive landscape, Environmental, Social and Governance (ESG) performance is no longer just a “nice to have”—it is a critical business imperative. Companies that prioritise ESG are better positioned for long-term success, risk mitigation, and reputation enhancement. Today’s world demands more from companies than just financial performance. Customers want transparency. Employees want purpose. Investors want resilience. ESG helps businesses manage risk, seize new opportunities and build trust with the people who matter most. It is how you can stay competitive, stay responsible and stay relevant in a fast-changing world. A powerful case study of…
The Importance of Compliance and Security: Complementary Forces in Today’s Business World
In today’s rapidly evolving business landscape, compliance and security have become paramount. These two elements, often perceived as hurdles, are in fact complementary forces that drive business success and sustainability. Understanding their importance and how they work together can transform them from perceived blockers into enablers of growth and innovation. The Role of Compliance Compliance refers to adhering to laws, regulations, standards and ethical practices relevant to an industry. It ensures that a company operates within the legal framework and maintains its reputation. Compliance is not just about avoiding fines and legal issues; it is…