We lock our doors and windows to protect our homes from burglary. We fit immobilisers on our cars to hinder theft. We have passwords and two-step authentication to mitigate the risk of our social media profiles getting hacked.
What are we doing to protect our businesses and charities from Internet-based attackers?
At the end of 2017, Computer Weekly reported that Ransomware was up nearly 2,000% in two years. While WannaCry and NotPetya signalled the emergence of destructive and disruptive attacks, security researchers found that, in general, cyber attacks on businesses in 2017 grew in frequency, sophistication and malice. The majority of cyber attacks exploit basic weaknesses in your IT systems and software. Cyber criminals don’t just attack banks and large companies – they target any organisation which isn’t properly protected. An attack may put off your customers, stop you actively trading and can damage your hard-earned reputation. Loss of data could breach the Data Protection Act and lead to fines or prosecution – which ties in with GDPR, which will be in force from 25th May 2018 A report on the new age of organised cyber crime by Malwarebytes claims that the new generation of cyber criminals increasingly resembles traditional mafia organisations, requiring a new approach to dealing with it.
Vox Securitas are equipped and ready to protect your Organisation against cyber crime, using a government approved scheme called Cyber Essentials PLUS. The Cyber Essentials PLUS scheme audits your Organisation against the five security controls that, according to the UK government, could prevent “around 80% of cyber attacks”. The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet.
The five controls are: Boundary firewalls and internet gateways, Secure configuration, Access control, Malware protection, Patch management. You can read more information on the five technical security controls here. Vox Securitas will work with your Organisation to answer the Cyber Essentials assessment questionnaire, your Organisation is then audited against a test specification set out by the National Cyber Security Centre. The external network is tested (ports and services), including looking at basic web application scanning for common vulnerabilities. The internal systems are also tested, mainly focusing on email. In addition to Cyber Essential plus, Vox Securitas can undertake a deeper vulnerability assessment of the Web applications and their installations.