As the digital world increases criminals are likely to continue to ensure that high profile security breaches stay in the headlines. Technology evolves and so do the threats and motivations developed by hackers targeting business of all sizes. The battle goes on, but as the threats increase, so does the ability of a company to protect itself and the data that’s key to business continuity.
Given the proliferation of devices being used to access systems and data remotely, the number of potential open doors and vulnerabilities is increasing. It’s not just the big brands being targeted either. Very often, the hackers will aim for smaller, more easily compromised companies. Bear in mind that hacking is a lucrative industry. Teams of prolific cyber criminals can be recruited and so for them, adding as many SME security breaches as possible to their profile improves a hacker’s reputation.
Smaller organisations often face understandable difficulties in this area, particularly on limited resources or having smaller IT support teams whose main activity is to keep basic systems functioning, rather than understanding the cyber security threat. This has caused SMEs to become highly susceptible to cyber breaches as hackers face less resistance in compromising systems and stealing valuable data.
This is backed up by the 2017 report by Tenable Network Security which found that UK security professionals’ confidence in accurately assessing cyber risks has fallen from 73% from 2016 to 59% in 2017. The research also found that the biggest challenges facing IT security professionals today included “low security awareness among employees” and a “lack of network visibility” due to bring your own device (BYOD) practices and shadow IT (systems and solutions built and used internally without company approval).
Do more than just the basics
IT security should mean not just going through the motions or just doing the basics. Frequently, it’s only once a business suffers the damage and downtime from an attack that they then consider more advanced protective measures. Regular penetration tests will inevitably provide you with a frequent baseline of your security stance along with some immediate benefits to bolster your defences. Remember though, that a penetration test is only a snapshot in time. With an average of 20 new vulnerabilities appearing every day, a continuous monitoring approach may be a better route.
For example, with our “always on” service we provide proactive vulnerability management, keeping a constant watch over your internet-facing systems, regularly assessing them for weaknesses that hackers could exploit and providing risk ratings for every weakness and detailed guidance for remediation.
When assessments are complete, you’ll get an email summary of what we found, along with any changes detected since the last assessment. There are no agents to install and you don’t even need to log in to the platform.
As mentioned, on average, 20 new vulnerabilities get released every day. Our daily triage process analyses them and monitors reports of exploitation activity in the wild. When we identify a vulnerability that could critically affect your systems, you’ll get a notification the same day.
Keeping overheads low
You don’t need to do anything or spend your time managing a platform; this is a proactive solution, with no agents to install or appliances to set up, with meaningful reports showing you your performance over time. The solution is subscription based and SMEs can pay by card if preferred. Also, remember there can be commercial benefits outside of your improved security, since many Cyber Insurance policy providers will take into account your security track record.
This is no reinvention of the wheel. We use the same underlying technology as the big banks do, so you can enjoy the same level of security, but with none of the complexity. Contact us to find out more.