Skip to the content
Menu

Adam Gleeson, Cyber Security Vendor Alliance Manager, reviews the five key essential functions small and medium-sized organisations require to be cyber secure. He covers:

 


Cyber security nirvana is the state you reach when you are 99.9% confident in your cyber security protections. This was, at one point, many years ago, something that was actually achievable. These days? Not so much. The relentless and somewhat unique ways in which our technology, work life, digital tools and personal lives continue to evolve and advance means cyber security Nirvana is now one of those things you will never ultimately attain.

However, you can build your cyber security strategy in such a way that you can have confidence you are doing everything you can whilst equipping yourself for whatever new threats appear on the horizon. Small and Medium-sized organisations (SMEs) need to focus on five essential functions I will describe below.

 

Traditional anti-malware protection is no longer enough

I see a range of approaches to anti-malware. Attitudes range from "It's something I know I need to have, but anything will do" to "I want to have the best I can, but it needs to be affordable". The latter is the approach that you should adopt.

The antivirus (or the modern term, endpoint protection) you run on all your users' computers is a critical line of defence. It can spot things happening that may not be visible to the person using the computer. Your endpoint security/ antivirus can mean the difference between spotting a virus or hacker's nefarious activity and you being another ransomware victim.

In this regard, you need to be looking at the best you can afford, and you need to be able to afford a next-generation solution. The traditional approach of the scanner having a 'naughty list' of known software threats is no longer sufficient. New threats emerge hourly, and the 'naughty list' approach can't keep up.

This is where the next-generation solutions come in. The new approach to is to look at process and software behaviours. While we may not be able to keep up with the latest emerging threats, 99.9% of them behave in a known manner. That is, they may be a new version or type of danger, but the nature of what they are there to do hasn't changed. By monitoring for the key behaviours associated with these threats, we can detect them without needing to know about them beforehand, providing us with a constantly up-to-date defence mechanism.

 

Patching: Keep your systems up to date

The software we run shifts and constantly changes. As with external software threats, the landscape we face from internal vulnerabilities needs addressing through effective software update (or patch) management.

New features enhance functionality or improve the software to make our jobs easier. However, with any new software code, there is a potential for bugs - most are harmless, but some represent significant security risks. Historically these bugs often went unnoticed. Nowadays, most software vendors offer 'bug bounties', rewarding anyone who can identify a bug/flaw in the software. Unfortunately, attackers often can exploit these bugs to install malicious software.

Security flaws in new software are uncovered and publicised quickly – both to the software vendor and the internet at large – meaning that it is more important than ever to ensure that your software is kept up to date to ensure that this easy attack vector does not exist.

 

Security awareness training is crucial

Your users can be the weakest link in your cyber security defence, OR they can be your greatest asset. Which end of the scale they sit at depends entirely on how well they are trained in security best practices.

Last year the vast majority of cyber attacks launched against UK businesses were initiated with a phishing attack via email. Had the users that clicked on those emails been more aware of what to look for, most of those attacks could have been easily prevented.

Many different solutions are available today that provide phishing awareness and simulations. You can train your users and help them understand where they made mistakes, so they can put into practice what they are being taught and learn what to look for.

 

Email: The Danger Within

Mimecast & Microsoft On Demand Webinar

Watch Now

 

The modern firewalls

The concept of firewalls is not new. We've had them for decades, but the task the firewall must fulfil has become more challenging in line with the other increases in technological complexity.

Traditional rule-based firewalls still work to an extent. However, with the rapid changes in how we operate, management of the rules can become burdensome. If not kept up to date, they can cease to be effective defences.

Many businesses are now adopting 'next-generation' (that phrase again) firewalls. These will feature far more robust defensive protection and internal and external network traffic analysis to pick up on potentially malicious behaviour or software indicators. Their ability to dynamically accommodate new application requirements of the users can also be a key factor. For example, allowing applications firewall access from specific software vendors (e.g., Microsoft) may alleviate some of the work required of your helpdesk as manual rules will not need to be configured for each application instance.

 

Regular Testing

Finally, having great security products deployed to protect your business and users is fantastic, but if those solutions are not configured correctly, they cease to be an effective defence. For this reason, regular testing of your systems and your users is an essential activity to perform. Would you prefer to find out your AV isn't up to scratch when it's 'no-harm-done' or when your business is in crisis mode?

 

How a ransomware phishing attack works

To add context to some of the points I have raised above, I have illustrated just how easy it can be to run afoul of ransomware. To be clear, this is not the only method of attack that can lead to an infection, but it is one of the most common. A typical example would be phishing attacks that lead to ransomware infection.

Phishing Attack lifecycle

To learn more about how you can protect your organisation, book your free 30-minute security consultation with one of our penetration testers. Get agnostic advice from industry experts on how secure your business. Request here.

Recommended Content

Big or Small, Cyber Crime Targets Us All

Big or Small, Cyber Crime Targets Us All

Jack Smallpage, Information Security Officer at Chess, explains how businesses are vulnerable to cyber attacks regardless of size, plus things you can do to protect your business and improve your cyber security.

Is IT Outsourcing The Answer?

Is IT Outsourcing The Answer?

Emma Stott, Customer Service Director at Chess, reviews why organisations look at IT outsourcing.


Adam Gleeson

Adam Gleeson

Adam Gleeson, Vendor Alliance Manager at Chess, has a passion for IT and cyber security. With over 15 years of experience in the industry, Adam's resume boasts a wealth of knowledge around keeping businesses cyber secure.


Speak to a Product Specialist

You can fill out the form and one of our product specialists will contact you shortly with more information.
Sales
To contact our Sales team directly, please call 0344 770 6000 and choose option 4.
Customer Service
For general queries or to report a non-urgent fault, please log a ticket on our customer portal using the email address associated with your account. Logging a ticket is quick and easy to do. Once you have logged your ticket, we will respond within 24 hours or your Service Level Agreement, whichever is quicker.
I agree for my information to be used for marketing communications.
Chess Privacy Notice

By submitting your personal information through this form, you consent to your information being processed in accordance with the Chess group privacy notice.