Skip to the content
Adam Gleeson, Vendor Alliance Manager at Chess, offers insight into how cyber security vulnerability assessments can help businesses protect and improve their systems. He covers:


UK businesses rely on technology every day and cyber criminals are constantly on the lookout for weaknesses in this technology to exploit.

In fact, the Verizon 2020 Data Breaches Report shows that a UK business is successfully hacked every 19 seconds.

This shows that businesses are vulnerable, but there are steps a business can take to protect its systems. Read our blog on Quick Wins to be Cyber Secure for more information.

Why do we need vulnerability assessments? 

The software on our devices and IT infrastructure is constantly changing. Suppliers add new features, functionality, integrations, processes, and more. 

These changes can introduce weak points in our security. These 'flaws' in the software or misconfigurations are commonly referred to as 'vulnerabilities' and can sometimes cause major security risks to your business. 

You might think that it’s best to just not allow changes, but unfortunately, this is also a risk as changes are often made to help fix older vulnerabilities. The best way to protect your business is to reduce your vulnerabilities as much as possible. This makes the attacker’s job more difficult and time-consuming.  

One of the easiest ways to manage any vulnerabilities is to regularly scan for them – so you can protect against them before an attacker can exploit them.  

Having the ability to check and identify these vulnerabilities is key to any business’ security strategy.  

That is where a Vulnerability Assessment comes in. A Cyber Security Vulnerability Assessment is a way for businesses to check where they are most at risk. 

This information is key to a business cyber security plan as it shows where actions are needed.

A UK business is successfully hacked every 19 seconds

Book a Cyber Security Vulnerability Assessment

What are internal vulnerabilities? 

Internal vulnerabilities are weaknesses in the systems that sit within your business. These can be weaknesses on servers, software, virtual infrastructure hosts, network hardware, or even storage arrays. 

Software regularly updates through 'software patches' or 'hotfixes'. These patches are often to resolve the vulnerabilities in their software. Many software packages can simply keep themselves up to date automatically (Microsoft Windows and Office are good examples of this).  

There are also many software packages that do not automatically update or will only do so when the user allows it. This is a key example of where your business may have internal vulnerabilities. 

Phishing emails are emails designed to trick users into clicking something that looks real and entering their details into a fake website. Users clicking these fake links is by far the most common way that attackers use to gain access to your systems.   

Internal vulnerability assessments are the most efficient way to identify risks from internal vulnerabilities and take action to remedy them.

What are external vulnerabilities? 

Another of the most common cyber threats is automated botnets. Botnets are networks of computers that have been infected by an attacker and are then used to launch attacks against organisations.  

Botnets are usually automated, and they search the internet-connected devices for potential vulnerabilities to take advantage of. When the botnet finds a vulnerability, a human hacker will take over and begin attacking. 

This is why it is important to be double-checking your internet-facing interfaces to check you are not vulnerable and do not show up on the botnet’s radars.  

This is where the external vulnerability scan comes in by searching your external interfaces for vulnerabilities that an attacker could use and identifying the risk so you can act before a hacker does. 

Book a Vulnerability Assessment 

A cyber security vulnerability assessment is the first step to protecting your business. Find your vulnerabilities before a hacker does.  

Book Your Vulnerability Assessment Now

Recommended Content

2021 Top Security Vulnerabilities

2021 Top Security Vulnerabilities

Luiz Simpson, Director of Security Testing, summarised the top four vulnerabilities from last year.

Government Cyber Security Strategy: 2022 – 2030

Government Cyber Security Strategy: 2022 – 2030

Graham Foreman, Head of Public Sector Sales at Chess, comments on the new Government Cyber Security Strategy 2022 – 2030 and addresses the main challenges organisations may face.

Adam Gleeson

Adam Gleeson

Adam Gleeson, Vendor Alliance Manager at Chess, has a passion for IT and cyber security. With over 15 years of experience in the industry, Adam's resume boasts a wealth of knowledge around keeping businesses cyber secure.

Speak to a Product Specialist

You can fill out the form and one of our product specialists will contact you shortly with more information.
To contact our Sales team directly, please call 0344 770 6000 and choose option 4.
Customer Service
For general queries or to report a non-urgent fault, please log a ticket on our customer portal using the email address associated with your account. Logging a ticket is quick and easy to do. Once you have logged your ticket, we will respond within 24 hours or your Service Level Agreement, whichever is quicker.
I agree for my information to be used for marketing communications.
Chess Privacy Notice

By submitting your personal information through this form, you consent to your information being processed in accordance with the Chess group privacy notice.