13 September 2022

Unencrypted AWS Access Keys found in Mobile Apps – What Happened And How It Could’ve Been Avoided

Security researchers from the software manufacturer Symantec have found unencrypted AWS access keys in almost 1,900 smartphone apps in the public domain.

What Happened

Security researchers at Symantec found almost 1,900 publicly available smartphone apps (including mobile banking applications) with easily accessible unencrypted access keys, allowing them to access backend app data and private customer data. Within the 1,859 publicly available apps – 98% of them for iOS – the team of researchers found access tokens for Amazon Web Services (AWS), which enabled access to a plethora of Amazon cloud data. Files belonging to 15,000 medium and large enterprises were discovered, alongside 300,000 biometric fingerprints.

How It Happened

Developers using AWS had put access tokens in clear text (entirely unencrypted) in source code, allowing anyone with the right knowledge and understanding of access keys to use them to access backend data on Amazon cloud. Not only this, but access to this data or the Amazon cloud was in many of those cases not restricted by any access management system or user identification process, meaning the researchers weren’t just able to access the data easily, but they could also modify and delete it, throwing into question the integrity of all data stored within the affected apps and institutions.

The Solution That Could Have Stopped It

Although the access keys in this case were explicitly found within mobile applications, they could all be used to access data stored in AWS. The question is, if you’re currently hosting with AWS, how do you ensure you aren’t falling foul of the same mistakes these developers made?

Well thankfully, if you do want to secure your AWS or any other public cloud hosting, there are lots of solutions on the market that can help you do that. Below are a few of the solutions you can adopt to keep your data safe…

– Firstly, you could use the CyberArk Cloud Entitlements Manager to gain an overall view of your permissions and access. This would help you to remove any excess permissions that are no longer required right across your cloud footprint.

– Secondly, you should secure your access keys. This step doesn’t necessarily require a program, but it does require you to ensure that they are not stored in source code in clear text! If you must store your access keys in source code, ensure they are encrypted.

– If you are an app developer hosting through AWS, a possible solution to secure any secrets in your CI/CD pipelines could be CyberArk’s new Secrets Hub. The recently launched “Secrets Hub for AWS Secrets Manager” removes secrets from your application and replaces them with APIs, simplifying the developer experience and ensuring one centralised security policy can be carried out across the entire enterprise.

– Finally, you also need to think about access management. If a hacker does manage to decrypt your access keys, how do you ensure that they do not have the permissions required to access and/or modify your data? Identity and access management are hot topics in the cyber security space right now and, at Infosec K2K, it is one of our core specialities. Find out more about how we can help you to control user access to your data here.
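The check behind the second point can be automated before an app ships. The scanner below is an added example, not code from Symantec or CyberArk: it looks for the documented AWS access key ID format in source text and flags whether a high-entropy 40-character secret sits nearby. The file names, the `ASIA...` value and the entropy threshold are assumptions made for illustration.

```python
import math
import re
from collections import Counter

# Access key IDs are 20 characters: "AKIA" (long-term IAM user key) or "ASIA"
# (temporary STS key) followed by 16 uppercase letters or digits.
KEY_ID = re.compile(r"(?<![A-Z0-9])(AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Secret access keys are 40 characters drawn from the base64 alphabet.
SECRET = re.compile(r"(?<![A-Za-z0-9/+=])[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+=])")

# Constructed sample sources. The AKIA/secret pair is the placeholder pair used
# in AWS documentation; the ASIA value, hex string and file names are made up.
SAMPLE_FILES = {
    "AppConfig.swift": (
        'struct AppConfig {\n'
        '    static let region = "eu-west-1"\n'
        '    static let accessKey = "AKIAIOSFODNN7EXAMPLE"\n'
        '    static let secretKey = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"\n'
        '}\n'
    ),
    "BuildInfo.swift": 'let buildChannel = "AKIA-not-a-key"\n',
    "Uploader.kt": (
        '// build 3f786850e387550fdab836ed7e6dc881de23001b\n'
        'val keyId = "ASIAQWERTYUIOPASDFGH"\n'
    ),
}


def shannon_entropy(value):
    """Bits per character. Hex digests stay below 4.0; random base64 is higher."""
    counts = Counter(value)
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())


def redact(key_id):
    """Keep enough of the ID to find it in IAM without re-leaking it in CI logs."""
    return key_id[:4] + "*" * 12 + key_id[-4:]


def scan_text(name, text, window=2, min_entropy=4.0):
    """Return one finding per access key ID found in `text`.

    `secret_nearby` is True when a 40-character base64-style string with
    entropy >= min_entropy appears within `window` lines of the key ID, which
    separates a full credential pair from a lone ID next to a commit hash.
    """
    lines = text.splitlines()
    findings = []
    for idx, line in enumerate(lines):
        for match in KEY_ID.finditer(line):
            nearby = lines[max(0, idx - window): idx + window + 1]
            has_secret = any(
                shannon_entropy(s.group(0)) >= min_entropy
                for near in nearby
                for s in SECRET.finditer(near)
            )
            findings.append({
                "file": name,
                "line": idx + 1,
                "key_id": redact(match.group(0)),
                "kind": "long-term" if match.group(1) == "AKIA" else "temporary",
                "secret_nearby": has_secret,
            })
    return findings


def scan_files(files):
    """Scan a {file name: text} mapping and return all findings in order."""
    results = []
    for name, text in files.items():
        results.extend(scan_text(name, text))
    return results


if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f)
```

Any finding should fail the build and trigger rotation of the key, since a key that has been committed or shipped must be treated as exposed.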

Looking for support assessing, improving or implementing your cyber security solutions? You’re in the right place.

Get in touch with us to find out more about how we can help you.

13 September 2022

The Uber Hack: What We Can Learn From The Latest High-Profile Cyber Attack

The world’s number 1 taxi app was hit by a rather serious cyber security attack recently. But what really happened and what can we learn from the Uber hack?

Last week, it was revealed that Mobility as a Service provider Uber was hit with a high-profile cyber attack that has left the company’s reputation at serious risk. In today’s blog we’re exploring exactly how the attack took place, how it could have been avoided, and what we (as IT teams, cyber security experts and business owners) can learn from it.

What Happened?

Allegedly, a young hacker was able to download HackerOne vulnerability reports and view and screenshot almost all of the company’s internal systems (including emails, Slack messages, the company’s security software and Windows domain).

The hacker is said to have breached Uber through a social engineering attack (an attack that utilises psychological manipulation to coerce a user into performing certain actions or divulging confidential information) on an employee. They launched what is known as an MFA Fatigue attack – whereby a hacker almost has access to a user’s account but is blocked by multi-factor authentication. The attacker then spams the employee with multi-factor authentication requests until they become tired of seeing them and accept them. In this case, they completed the process by contacting the employee, claiming to be Uber IT and asking that they accept the request. The employee did as they were told, providing the hacker with access to the company’s intranet.

Once on the intranet, the hacker claims to have found a PowerShell script containing plain text admin credentials for the company’s Thycotic privileged access management (PAM) platform.

This was then used to access logins for the company’s other internal services, including app source code and databases.
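The MFA fatigue pattern described above leaves a recognisable trace in authentication logs: a burst of ignored or denied push prompts for one user, followed by an approval. The detector below is an added example, not part of the original post or of any vendor's product; the event names, field layout, window and threshold are assumptions to be mapped onto whatever your identity provider records.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (timestamp, user, outcome). These are not real
# logs, and the outcome names are hypothetical.
SAMPLE_EVENTS = [
    ("2022-01-01T08:00:00", "carol", "push_timeout"),
    ("2022-01-01T08:30:00", "carol", "push_timeout"),
    ("2022-01-01T09:00:00", "carol", "push_timeout"),
    ("2022-01-01T09:00:05", "alice", "push_timeout"),
    ("2022-01-01T09:01:00", "bob", "push_denied"),
    ("2022-01-01T09:01:10", "alice", "push_denied"),
    ("2022-01-01T09:01:30", "bob", "push_approved"),
    ("2022-01-01T09:02:00", "alice", "push_timeout"),
    ("2022-01-01T09:02:45", "alice", "push_denied"),
    ("2022-01-01T09:03:30", "alice", "push_timeout"),
    ("2022-01-01T09:04:20", "alice", "push_denied"),
    ("2022-01-01T09:06:00", "alice", "push_approved"),
    ("2022-01-01T09:30:00", "carol", "push_timeout"),
    ("2022-01-01T10:00:00", "carol", "push_timeout"),
]

REJECTED = {"push_denied", "push_timeout"}


def detect_mfa_fatigue(events, window=timedelta(minutes=10), threshold=5):
    """Return alerts as (user, alert_type, timestamp, rejected_prompt_count).

    prompt_burst:          `threshold` rejected or ignored prompts inside
                           `window`; someone holds the password and is
                           retrying the second factor.
    approved_after_burst:  an approval arrives while such a burst is still
                           inside the window; treat the session as suspect.
    """
    recent = defaultdict(deque)   # user -> timestamps of rejected prompts
    alerts = []
    for raw_ts, user, outcome in sorted(events):
        ts = datetime.fromisoformat(raw_ts)
        queue = recent[user]
        # Drop prompts that have aged out of the sliding window.
        while queue and ts - queue[0] > window:
            queue.popleft()
        if outcome in REJECTED:
            queue.append(ts)
            if len(queue) == threshold:      # alert once per burst
                alerts.append((user, "prompt_burst", raw_ts, len(queue)))
        elif outcome == "push_approved":
            if len(queue) >= threshold:
                alerts.append((user, "approved_after_burst", raw_ts, len(queue)))
            queue.clear()                    # a new login starts a new count
    return alerts


if __name__ == "__main__":
    for alert in detect_mfa_fatigue(SAMPLE_EVENTS):
        print(alert)
```

In the sample, bob's single mistaken denial and carol's widely spaced timeouts stay silent, while alice produces both alerts.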

What Can We Learn From The Uber Hack?

Well, in this case, the lessons are fairly simple.

1. Even if your business has a PAM solution in place, you will still require secure program enforcement to ensure all attack vectors are closed (even those that arise due to the introduction of a PAM solution, such as the one used to exploit Uber).

and

2. Never ever store your (privileged) credentials anywhere in clear text, especially not in automation scripts. Use encryption and/or dedicated solutions for secrets management, instead.

Don’t Let It Happen To You

You’ve worked far too hard to let your business (or the business you work for) fall victim to a cyber attack such as the recent Uber hack.

At Infosec K2K, we know what it takes to keep your business safe from the threats of today and those of the future.


8 August 2022

The 5 Most Common Cyber Security Threats And How To Avoid Them

As cyber criminals continue to find new and more complex ways to infiltrate our networks, cyber crime continues to rise in complexity and frequency. In this blog, we’ll be highlighting some of the most common cyber security threats and explaining how you and your organisation can avoid falling victim to them.

1. Malware

What Is It?

Malware is intrusive software that aims to perform malicious tasks to gain access to a network, spy on user activity to obtain sensitive data, or disrupt and damage a computer and its systems. The most notable and severe method, ransomware, aims to extort the victim by encrypting files and demanding a ransom to regain access. Other common types of malware include Trojan horses, spyware, worms, viruses and adware. You might have come across this one in the form of dodgy, unsolicited pop-ups and ads on your computer that you just can’t get rid of – that’s how they draw you in.

How Can I Prevent It?

Unfortunately, preventing a malware attack isn’t easy, as modern antivirus products cannot tackle advanced cyber threats alone. But with the following, we can work to mitigate the risk.

• Unmanaged administration rights can pose a high-security risk for malware-driven attacks. Removing local admin rights, applying the principle of least privilege and implementing session isolation can effectively slow and control the spread of malware. Tools like Comprehensive PAM Controls from CyberArk use access management to protect against ransomware.

• With a multifaceted approach that utilises comprehensive cyber solutions to monitor and protect defences effectively, we can avoid falling victim to attack.

• Without advanced protection, malware can easily conceal itself in your network to evade detection, so using all-around preventative security measures will help you avoid becoming a target.

• The small things matter, too. Be vigilant of and avoid malicious content, keep software patched and updated, and enforce a strong password policy that uses multi-factor authentication.

2. Phishing

What Is It?

We’ve all heard of phishing, and have likely fallen victim to it ourselves, or at least know someone who has. Of the 39% of UK businesses who identified an attack last year, the most common threat vector was phishing attempts (83%). A phishing attack often arrives by email and uses fake links to websites posing as legitimate organisations to lure the victim into handing over valuable information like passwords, bank details, and intellectual property. This is the most common form of attack, with trickery an easy way to catch out victims who may not otherwise be aware of how to spot a phishing attempt.

How Can I Prevent It?

We can stop phishing attacks in their tracks in one of two ways – by learning how to detect attempted attacks, and investing in software that can do it all for us.

• Phishing is heavily reliant on human error, so education is the number one way to avoid these types of attacks. Learn how to identify suspicious content and when not to share personal information.

• The usual tell-tale signs of an illegitimate email, SMS or website are grammatical errors and spelling mistakes, an urgency to act now, unusual content or request or suspicious links or attachments. We can use tools like the National Cyber Security Centre’s suspicious website form to report these.

• Investing in phishing detection and response software that can identify malicious content online will help to reduce the risk of attack.

• Setting up simple tools like spam filters on your emails will make it harder for illegitimate messages to reach your inbox.

3. Zero-Day Exploit / Attack

What Is It?

A zero-day exploit or attack is where cyber criminals learn of and prey on undiscovered vulnerabilities in widely-used software applications and operating systems, and exploit them before they can be fixed. As users are unaware of the vulnerability, this form of attack is hard to predict. Unknown vulnerabilities could be your biggest downfall, and could cause huge reputational and operational damage for large-scale businesses if they’re not addressed before it is too late.

How Can I Prevent It?

The solution to mitigating the risk of zero-day exploits and attacks involves both an investment in software and small but effective solutions that organisations could easily implement themselves. Again, these attacks prey on human error, and it’s important to have preventative security solutions in place that can detect vulnerabilities sooner.

• Comprehensive anti-virus software solutions can block unknown threats and prevent attackers from installing unknown software on your computer.

• By performing simple software updates in which vendors have deployed security patches to protect against new vulnerabilities, you’re less likely to fall victim.

• Install a web application firewall (WAF) on your network to filter out malicious traffic. Again, this form of attack preys on human error.

4. Denial-of-Service (DoS)

What Is It?

A Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack is a malicious, targeted attack that aims to flood a network with illegitimate service requests and traffic to trigger a system crash, rendering it inaccessible for users. By disrupting business operations, the attack prevents users from performing routine tasks or accessing resources that are operated by the compromised computer or network. Find out more about DDoS attacks in our recent blog.

How Can I Prevent It?

Regardless of your defences, DoS attacks can still penetrate your system. But with the right solutions, the risk can be reduced.

• Invest in software that can distinguish abnormal traffic spikes from legitimate site usage, so that you can identify dry run test threats before a fully-fledged attack is executed.

• Penetration testing can be used to your advantage, by performing a simulated attack to uncover and patch any detected vulnerabilities.

• A web application firewall (WAF) can also be used to monitor HTTP traffic, to prevent cross-site request forgery, file inclusion and SQL injection.

5. Man in the Middle (MITM)

What Is It?

A man-in-the-middle attack (MITM) sees an attacker intercepting communication between two parties to spy, steal personal information or credentials, or change the conversation in some way. The attacker will often rely on unsecured network connections like public Wi-Fi to intercept exchanges. However, with the advancement of technology, many email and chat systems are now using end-to-end encryption to prevent third parties from tampering with the data, meaning MITM attacks don’t happen as much as others.

How Can I Prevent It?

• Ensure you have a strong and secure network connection. Avoid using public Wi-Fi connections when engaging in confidential conversations where your data could be jeopardised. Instead, use a VPN to protect your internet connection and privacy online.

• Invest in endpoint security software that can check potentially dangerous websites and emails, and step in to provide defence if your network becomes infected.

• Educate employees on how to remain vigilant throughout the communication process, and only have these conversations when you have access to a secure connection.

Our Solution

Staying on top of emerging threats doesn’t need to be a challenge – and you don’t need to do it alone. With comprehensive security solutions from Infosec K2K, we can work closely with your organisation to protect against the most common forms of cyber security attacks. But how so? With a managed Security Operations Centre (SOC) that combines artificial intelligence and human expertise, we can grant increased visibility and control over security matters with advanced detection and prevention techniques. With the right solutions, we can work to eliminate these threats and create a safer space for organisations to operate without disruption.

We put security first. Take the next step in protecting what matters most with expert cyber solutions from our trusted team.


26 July 2022

Should I Hire An In-House Cyber Security Team? The Pros and Cons Of In-House VS External Support

As technology advances, so does cyber crime, and when 95% of cyber security breaches are caused by human error, we can’t afford to make any more mistakes. If your current cyber solution is lacking, it might be time to re-analyse your existing security strategy. Or, if you’ve just started your journey to better protection, there’s a whole world of solutions out there. But which will come out on top – investing in an in-house team or seeking out external support? With advantages to both, read on to find out all you need to know before making that all-important decision.

So, you’ve decided to take your organisation’s security to the next level, great! But how do you know what’ll work best for you? Whether it’s hiring security experts to work in-house or investing in external support from an outsourced cyber security firm, there’s a lot to consider, and it all depends on the time and budget you’re willing to allocate and the goals you’re seeking to meet. Let’s dive deeper and look at what should be on the top of your radar when making the big decision.

Making that initial decision

Cyber security is ever evolving and methods of attack often change. Keeping security professionals on their feet at all times comes at a high price. To make that initial decision, there are 3 key points you’ll need to conquer first – money, time and needs.

How much money are you willing to spend?

This is a great place to start as ultimately, the budget you allocate will determine the extent of support you can receive. Whilst it might be tricky to put a number on it or invest in something that hasn’t necessarily happened yet, or you can’t yet see the benefit of, you’ll be better off for it (trust us!). When comparing the two types of support on offer, both are costly as they require specific expertise.

Hiring in-house requires extensive training, a complex set up and high salaries. Cyber-trained individuals are hard to come by, and if you can successfully source one, they are costly to keep. They need to be dedicated and well educated on the ever-changing world of cyber security, as it’s not a role you can float in and out of. Whilst, on the other hand, outsourcing is a more affordable solution that can cut costs that would be needed for recruiting and training internally.

An outsourced cyber firm will have everything ready to go, but as their capabilities stretch far and wide, and cyber criminals will strike at any point, you might need to splash the cash a bit more than you’d intended to.

How much time do you have or require?

In the case of cyber security, time is of the essence and critical to keeping your network adequately protected. Just like costs, time goes hand in hand with the budget. The more you invest, the more time you’ll receive. An internal team will require a few trained experts, plus technology that’ll need maintenance. Often, these internal hires are deemed “IT experts” and will be pulled from all directions to deal with other IT issues besides cyber security, which isn’t time efficient. If there are limited resources and other departments require more budget, cyber security could fall in priority and you could become an easy target!

With an internal team, though, your organisation’s needs will come first, so staff can react quickly. You also gain greater control over your solutions, as employees are easier to manage than third-party contractors whose resources are split amongst other clients.

But, with external support, you can free up time for your staff and have a better idea of what your invested time is going towards. Outsourcing is the fastest approach because of the severity of the situation, where security professionals are trained and ready to provide support imminently.

What does your business need?

Every business has different needs, which, most of the time, are dependent on its size. Look at the size of your business, the complexity of your system, the reach of your network, and the amount of data you’re storing. Whilst large organisations might be harder to breach, there are more entry points for hackers to exploit, whereas small enterprises are less likely to invest in sufficient protection and are less aware of the threat involved, making them an easier target. The key point to remember is: cyber criminals can affect businesses of any size and type.

Hiring in-house would provide better visibility of operations and knowledge of your organisation’s needs, meaning threats could be easier to predict and mitigate. The DIY approach to security will allow your internal team to handle issues head-on and skills can be repurposed if there is demand internally.

On the flip side, external support will offer solid expertise and experience in the industry – these companies work with multiple clients with various setups and know how to protect against many types of attacks, so understand the need for bespoke solutions.

Our solution

Our team at Infosec K2K are trusted, proactive and flexible, with a global reach to support clients wherever and whenever they need us. Depending on the stage you’re at in your cyber journey, the service(s) you require can differ, which is where we come in. Offering solutions for your unique requirements, we can assist those just starting who are wanting to bolster their defences with an expertly managed Security Operations Centre (SOC), those who’ve already got a solid plan in place but want to further highlight their commitment to security with assessments, certifications and accreditations, and much more.

If you’re looking to advance your cyber security solutions and want to invest in external support, look no further!


19 July 2022

What is Denial-of-Service (DoS)? #INFOSECK2K101

The risk of cyber attack through malicious bot action is rising. Ransom-motivated DDoS attacks increased by 175% between Q3 2021 and Q4 2021. It’s important to understand the differences between legitimate and malicious web traffic. By adopting smart cyber solutions, we can better mitigate against the risk of a DDoS or DoS attack.

What is a DoS or DDoS attack? What does it involve?

A Denial-of-Service (DoS) or Distributed Denial-of-Service attack is a malicious, targeted attack. It aims to flood a network with illegitimate service requests and traffic to trigger a system crash. This renders it inaccessible for users. By disrupting business operations, the attack prevents users from performing routine tasks or accessing resources that are operated by the compromised computer or network.

Many DoS attacks can also develop into ransomware attacks. This puts a stop to critical business operations, resulting in a loss of critical time and money and causing reputational damage.

Unlike other attack vectors, DoS isn’t reliant on criminal activity and can also occur naturally through what we would consider perfectly normal user interactions on the web. When we shop online, clicks are passed through our internet service provider, to external e-commerce applications and back to our site infrastructure. Servers work tirelessly to handle and execute each request. However, if there’s too much going on, the system can become overloaded, resulting in a denial of access to the service.

DoS and DDoS – What’s the Difference?

With different points of origin, these system infiltrations represent themselves in one of two forms:

  • Denial-of-Service (DoS) uses a script or tool to overload targets from a single machine. Since it comes from one location, it’s easier to detect the origin of a DoS and sever the connection. Thanks to advanced technologies in the modern cyber landscape, DoS can easily be deterred.
  • Distributed-Denial-of-Service (DDoS) attacks deploy several infected remote machines (bots) to generate a small number of requests, which when added together, overload the target. With increased speed making detection difficult, the attacks can result in significant damage when a large amount of traffic is sent from various locations simultaneously, making it a more sophisticated method of DoS attack.

Overload-based DoS attacks can target different types of resources, with the majority falling into one of two categories: network layer or application layer. Network layer DoS attacks attempt to overwhelm the target by exhausting all available bandwidth, whereas application layer DoS attacks target the service application that users are aiming to access, depleting its resources and stopping it from running completely.
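The DoS and DDoS distinction above decides which detection works. A per-source limit catches the single machine, but every bot in a distributed attack stays under that limit, so the spike is only visible against an aggregate baseline. The classifier below is an added example, not from the original post; the window width, spike factor, per-source limit and the generated traffic are all assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import median


def build_sample_log():
    """Constructed traffic as (epoch_second, source_ip) pairs. All addresses
    come from the reserved documentation ranges."""
    regular = [f"198.51.100.{i}" for i in range(1, 21)]
    log = []
    for w in range(10):                      # ten 10-second windows
        start = w * 10
        for ip in regular:                   # baseline: 20 clients x 2 requests
            log += [(start + 1, ip), (start + 6, ip)]
        if w == 6:                           # one machine sends 400 requests
            log += [(start + n % 10, "203.0.113.9") for n in range(400)]
        if w == 8:                           # 250 bots send 4 requests each
            for b in range(1, 251):
                log += [(start + n, f"192.0.2.{b}") for n in range(4)]
    return log


def classify_spikes(log, width=10, spike_factor=5, per_source_limit=50,
                    single_source_share=0.5, min_history=3):
    """Flag windows whose request total exceeds spike_factor x the median of
    earlier quiet windows, and say whether one source or many caused it."""
    windows = defaultdict(Counter)
    for ts, ip in log:
        windows[ts // width][ip] += 1

    history, spikes = [], []
    for w in sorted(windows):
        per_ip = windows[w]
        total = sum(per_ip.values())
        if len(history) >= min_history and total > spike_factor * median(history):
            top_ip, top_count = per_ip.most_common(1)[0]
            single = top_count / total >= single_source_share
            spikes.append({
                "window_start": w * width,
                "kind": "single-source" if single else "distributed",
                "top_source": top_ip if single else None,
                "sources": len(per_ip),
                "total": total,
                # Would a plain per-IP rate limit have noticed this window?
                "caught_by_per_source_limit": top_count > per_source_limit,
            })
        else:
            history.append(total)            # only quiet windows feed the baseline
    return spikes


if __name__ == "__main__":
    for spike in classify_spikes(build_sample_log()):
        print(spike)
```

The second spike in the sample is larger than the first, yet no single address exceeds the per-source limit, which is why the aggregate baseline is needed alongside it.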

What Do They Do?

The two main types of DoS attacks against web resources – network layer or application layer – have different aims. They’re either designed to crash or to flood.

  • Buffer overflow is the most common form of DoS attack. It occurs when the attacker drives more traffic to a network address than it can handle. A buffer represents the area of physical memory storage that is temporarily used to store data whilst it is being moved. An overflow occurs when the program seeking to write the data to the buffer overwrites neighbouring memory locations. The attack permeates all available bandwidth, such as CPU, disk space and internal memory. This results in slow performance and system crashes.
  • Flood attacks occur when attackers send too high a volume of traffic to a system for buffers to process, putting a stop to permitted network traffic. The type of flood attack is dependent upon the type of packet used, in which there are two common types of attack. ICMP floods attempt to overwhelm devices with fake Internet Control Message Protocol (ICMP) echo-request packets that ping all computers on the chosen network, whilst SYN floods can send initial connection request (SYN) packets to servers, and flood the system to overrun all available ports.

Notable DDoS Attacks

DDoS mitigation service provider, Cloudflare, successfully prevented the largest HTTPS DDoS attack in history in June 2022, recorded as 26 million requests per second. The incident followed previous high records of 17.2M rps in April 2021 and 15M rps in April 2022.

Microsoft’s Azure cloud service mitigated a 2.4 terabits per second (TBPS) DDoS attack. This was the largest attack of its kind that the company had faced, and the second-largest DDoS attack ever recorded. The attack follows Google’s 2017 attack of 2.54 gigabytes per second (GBPS), which is the largest DDoS attack of all time.

Flashback to 2019. The Guardian reported that the UK Labour party had fallen victim to two “sophisticated and large-scale” DDoS attacks. These were driven by botnets seeking to flood servers and disrupt party operations. Though confident that the attack didn’t cause a data breach, campaign activities were slowed. Guidance was also sought from leading security professionals, the National Cyber Security Centre.

Mitigating the risk of a DoS attack

Denial-of-service attacks cannot be prevented as such – cyber criminals will strike whenever they please. Regardless of the defences your organisation has established, you may still become a target. But, by having the ability to distinguish abnormal traffic spikes from legitimate site usage, you’ll be one step closer to identifying dry run test threats before a fully-fledged attack is executed. With the following preventative measures, the risk of DoS attack can be mitigated.

  • Penetration testing to perform a simulated attack that can uncover and patch detected vulnerabilities
  • DDoS testing or DDoS mitigation services use four key stages: detection, diversion, filtering and analysis
  • Web Application Firewall (WAF) to monitor HTTP traffic and prevent cross-site request forgery, file inclusion and SQL injection
  • Response plan which should be included as standard in your cyber strategy if all else fails

Our Solution

A DoS or DDoS attack can’t be entirely avoided. However, there are still many ways we can create a solid security framework. This can prevent further damages should an attack occur. With our expert cyber solutions at Infosec K2K, we can stop businesses from falling victim to these types of attacks.

By investing in our managed cyber security services, like our Security Operations Centre (SOC), threats can be eliminated from the offset, thanks to 24/7 monitoring and detection of suspicious activity.

At Infosec K2K, we recommend performing a dry-run attack with Penetration Testing. We can highlight any potential system vulnerabilities for patching, to prevent the worst from happening. However, if that is the case and you’ve been exploited by DDoS, don’t panic.

Our solutions also apply post-attack. Our expert team will take control of the threat quickly and efficiently, so you don’t need to worry about it impacting your business any more than it already has. With the help of our expert cyber solutions, you can mitigate the risk of a DoS attack and better protect your business from cyber risk across the board.


9 February 2022

Why Your Business Needs a Security Operations Centre (SOC)

What should my company invest in? What are the best solutions to detect, monitor and eliminate risk? The answer often directs us to the trusty Security Operations Centre (SOC). Devo’s Ponemon Institute research revealed that 40% of IT professionals classed their SOC as very important to their organisation’s overall cyber security strategy. For increased visibility and control over our security matters, the combination of artificial intelligence (SIEM) and human expertise (SOC) is a winning solution. Reducing risk, one threat at a time.

What is a SOC?

To survive a cyber attack, organisations must arm themselves with technology that can detect incidents in their infancy. But, that does require input from us, too. The most effective way to integrate your defences is with a Security Operations Centre (SOC). An effective SOC offers 24/7 surveillance of computer networks and servers to identify vulnerabilities in digital infrastructure and mitigate the cyber risk. It uses artificial intelligence through Security Information and Event Management (SIEM) to collect and analyse accumulated log data which, when combined with human expertise, forms an everlasting security solution. A SOC allows for greater visibility and stronger security procedures. The result? Better protection for your most valuable assets.

Why Your Business Needs a SOC

All organisations should be prepared when it comes to cyber security, but those operating across a number of networks and locations must be extra vigilant. For bad actors looking to compromise data, such large-scale, remote working companies are the top targets. However, by investing in an effective, centralised SOC, your business can maintain a strong defence. A managed SOC, working alongside SIEM tools, will help to detect, monitor and eliminate incoming threats. Without the data obtained from these cyber solutions, it would be impossible to determine the root cause of a breach and protect from future threats. So, for those looking to get more from their cyber security investments, a SOC could be the ideal solution.

Centralised Monitoring for Increased Visibility

Cyber criminals will strike whenever they feel they’re most likely to be successful, often attacking at unsociable hours when your employees aren’t alert to the threat. We need to adopt security solutions that can protect us from attacks, even when we’re not around to detect them. Organisations must be able to monitor and mitigate cyber risks easily, with maximum visibility. They must be able to manage critical IT infrastructure (and communicate its risks and vulnerabilities) all in one. This is where SOC comes in.

The downside? For optimised performance, the SOC solution requires 24/7 observation from reactive analysts and responders. Your dedicated security professionals must be ready and waiting to jump on flagged threats when required, as every second that passes is an opportunity for attackers to cause more damage!

Why Digital Transformation Has Created Risks

The recent adoption of digital transformation processes and remote working has resulted in increased use of cloud technologies and internet-connected devices, plus the connection of mobile and computing devices to corporate networks. Because of this, security measures are left with reduced visibility. By investing in a SOC that can detect, analyse and manage security alerts on a mass scale, security risks can become less of a worry.

Combining AI With Human Expertise

By blending advanced AI technology with unparalleled human expertise, a SOC forms the perfect cyber security combination. Managed by a single team internally, the SOC works hard to keep the entire organisation afloat. The collaborative practice between team members on a centralised system makes it easier to meet the cyber security needs of an organisation, leading to improved incident response times and better detection of threats.

Reduced Security Costs

Investing in solid security solutions isn’t cheap. But you’ll find that budgeting for cyber security as one of your top priorities is well worth it. Considering the detrimental impact that a cyber attack could have on your business, the associated costs are easily justified. According to its Cost of a Data Breach Report 2021, IBM reported that last year had the highest average cost of a data breach in its 17 years of researching the topic. Rising from $3.86 million to $4.24 million, this is far more than what investing in cyber security solutions will cost you.

Get more out of your security investments with a simple SOC. With the ability to streamline processes, quickly identify risks and reduce the impact of security incidents, the SOC will ensure continued business growth and development. A SOC can reduce business costs by creating a base for security resources to work together as one. With this, recruitment of extra staff to cover the workload and duplication of tasks are avoided. By investing in an effective SOC that can deter cyber attacks and avoid damage, you’ll receive a significant return on investment.

Our Solution

An outsourced SOC can take the hassle out of juggling security solutions in-house, reducing the time, cost and resources expended for your business. With the help of a third-party cyber security provider, like us at Infosec K2K, you can trust in the knowledge that your company’s security is in the very capable hands of expert professionals, who’ll monitor and manage cyber risk 24/7. Wherever you are on your cyber security journey, we’ll help you to reach your destination – secure business protection. So, why not start with an expertly managed SOC?

Take the next step in protecting what’s important for your business. Find out more about the power of our expertly managed SOC.

Get in touch with us to find out more about how we can help you.

31 January 2022

The Accreditations Your Business Needs to be Cyber Security Certified

Cyber security is becoming an increasingly important investment for small to large-scale businesses, as the sector sees exponential growth in technology and digital transformation. Though for some, the advantages are unclear. Reports show that privacy and security are hard to prioritise with 72% of consumers and executives reluctant to invest in something that “feels invisible” like behind-the-scenes security. By outlining the many benefits, and impact, that information security accreditations and certifications can have in preventing the risk of attack, the investment is made worthwhile.

With the number of data breaches, malware infections and cyber attacks on the rise year-on-year, the demand for skilled cyber security experts and cyber-aware business leaders has never been greater. This raises the question: what skills and expertise do we need to excel in the complex world of cyber security? Besides experience, accreditation and certification are the answer. But these responsibilities fall not just to IT professionals and C-suite executives, but to all company staff, to combat growing threats together. Knowledge is power, and power is protection.

Undertaking the necessary means to become security certified will show potential clients that you’ve committed to taking the necessary steps to keep them safe. Customers can be reassured that the security within your organisation has a level of validation, showing that you are a trusted provider in the cyber security field. By adhering to a high standard of security measures, your business will be able to continue to support the scale and success of its solutions, administering protection when customers need it the most.

So, What are the Top Cyber Security Accreditations that Businesses Should Be Investing In?

To help protect your vital business data and operations, it’s worthwhile investing in cyber security certifications and accreditations to keep your workforce security smart. Though these are generally aimed at professionals with IT experience, there are also certifications in cyber security designed for business leaders with minimal knowledge. Online criminals know no boundaries – all the more reason to invest in cyber-upskilling within your business.

Cyber Essentials

Cyber Essentials is a government-backed certification designed to increase cyber security within organisations, protecting them from falling victim to common cyber attacks. The requirements cover five main technical controls that aim to protect devices, internet connection, data and services. These include: software updates, firewalls and routers, malware protection, access control and secure configuration.

With two types of certifications – Cyber Essentials and Cyber Essentials Plus – you have greater control over the level of protection you wish to invest in. With Cyber Essentials Plus your business will receive the added benefit of a more hands-on technical verification approach, involving the administration of vulnerability assessments for additional assurance.

The benefits of having Cyber Essentials are:

  • Safeguarding your business from 80% of common cyber attacks.
  • Greater opportunity to acquire Government contracts and win new business opportunities that require the certification.
  • Reassuring customers that you are dedicated to protecting your IT against cyber attacks and gaining a competitive edge in showing that you can execute this.
  • Attracting new clients with increased cyber credibility and reputation.
  • Having clear levels of cyber security outlined for long-term safety.

Note: In a recent announcement, the National Cyber Security Centre (NCSC) confirmed that updates would be made to the technical controls of its Cyber Essentials scheme, coming into effect on the 24th January 2022. The updates will reflect the changes that businesses and governments need to adopt to remain cyber secure in the wake of increasing cyber crime. If your business has invested in Cyber Essentials, you may be affected by these changes. To keep your solution up-to-date, read more about update requirements in our recent blog here.

To find out more about how to obtain a Cyber Essentials certification for your business, visit the National Cyber Security Centre website here.

ISO 27001

ISO 27001 is recognised internationally as an information security standard, offering a best practice framework for Information Security Management Systems (ISMS). The accreditation consists of 114 controls that can be used to better secure overall information security, protecting your most vital business assets like confidential information, brand image and other private details. Application of ISO 27001 is a fitting response to legal and customer requirements such as GDPR and potential security threats including cyber crime, data breaches, misuse, theft and viral attacks.

ISO 27001 has seen a 24.7% increase in worldwide certificates in 2020, thus highlighting its importance in maintaining information security compliance for businesses across the globe.

The benefits of the ISO 27001 certification are:

  • Showing your commitment to following information security best practices.
  • Providing your company with an expert evaluation of whether your critical, private information is adequately protected.
  • The ability to identify and treat security threats according to the level and type of risk that your business is willing to take and tolerate.
  • Meeting supply chain contracts that specify ISO 27001 as a must-have certification.
  • Peace of mind knowing that you meet necessary security laws (e.g. GDPR).
  • Improved customer and business partner confidence.

To find out how your business can achieve an accredited ISO 27001 certification, visit the International Organization for Standardization website here.

Certified Cyber Security Consultancy (CCSC)

If your company operates on a consultancy basis or provides these additional services, then you may benefit from becoming a Certified Cyber Security Consultancy. The certification aims at providing support on a variety of complex cyber security issues to government, wider public sector and Critical National Infrastructure (CNI) organisations. Upon completion of the certification, consultancies can prove that their services meet the NCSC’s high-quality standard for specially tailored cyber security advice. Currently, consultancy companies can be certified to offer the following cyber services: audit and review, risk assessment, risk management and security architecture.

The benefits of becoming a CCSC are:

  • Receiving expert cyber security advice from a network of certified professional NCSC Assured Service Providers.
  • Exclusive access to member benefits with Tier 1 and Tier 2 options, such as an invitation to the annual CYBERUK event, priority NCSC support and quality management, membership of the Scheme CiSP group, an invitation to Master Class events or Community event workshops, and much more.
  • Showing that your company meets the NCSC’s standards as a trusted cyber consultancy, acting in the government’s name.

To find out how your cyber consultancy could benefit from additional support from industry professionals, visit the National Cyber Security Centre website here.

What Certifications are Available for Cyber Professionals?

A rise in cybercrime has generated an urge for cyber security professionals to join the sector. But the cyber security field is not easy to navigate, requiring candidates to invest in additional training and development. By increasing skill sets, individuals can arm themselves with the required knowledge to better understand how to defend against attack. With the implementation of certifications and accreditations, job-seekers and hiring employers can rest in the knowledge that career pathways are clear and businesses can be safeguarded by skilled workers.

By 2021, experts expect there to be 3.5 million unfilled cyber security jobs worldwide, one reason why thousands of professionals are turning their attention to cyber security.

If you’re seeking to recruit new talent to grow your workforce or searching for a role in cyber security yourself, here are the top certifications you should be looking for, as ranked by the most popular recruitment sites.

Advanced and intermediate certifications for cyber security / IT professionals:

  1. Certified Information System Security Professional (CISSP)
  2. Certified Information Systems Auditor (CISA)
  3. Certified Information Security Manager (CISM)
  4. CompTIA Security+ Certified Ethical Hacker (CEH)

Beginner certifications for business professionals:

  1. UK Professional Development Academy – Cyber Security Beginner Certificate
  2. Lockcode Cyber Security – The Cyber Threat to UK Businesses Course
  3. Open University Open Learn – Introduction to Cyber Security Course

Our Solution

Having a compliant, industry-standard cyber plan in place can seem daunting if you’re just starting out, but it doesn’t need to be under our guidance. We’ll ensure your business is cyber security certified by selecting the right certifications and accreditations to undertake to meet specific security demands. The Infosec K2K portfolio of Policy and Process Assessments will help you to obtain the necessary accreditations to stay protected as part of a long-term strategy, not a box-ticking exercise. Take the next steps in protecting your business from the risk of cyber attack with the investment in industry-standard support and learning.

Find out how Infosec K2K’s specialist security assessments can keep your business protected in the long term.


27 January 2022

All you need to know about the Cyber Essentials update

Following the migration from office to home working and the adoption of cloud technologies for remote collaboration, cyber criminals have identified even more vulnerabilities to exploit. So, with these rapid changes, we’ve had to advance existing cyber security strategies to deny these newfound opportunities for attack. And at the centre of our attention right now is the National Cyber Security Centre (NCSC) Cyber Essentials scheme, with the power to combat 85% of the most common cyber attacks to eliminate threats for organisations across the globe.

What is Cyber Essentials?

Cyber Essentials is a Government-backed scheme, introduced by the NCSC, to help protect organisations from the ever-evolving cyber threat landscape and safeguard against common cyber attacks. By completing the certification, organisations can demonstrate their commitment to cyber security. The requirements cover five main technical controls that aim to protect devices, internet connection, data and services. These include software updates, firewalls and routers, malware protection, access control and secure configuration.

The two levels of certification – Cyber Essentials and Cyber Essentials Plus – can help you determine the level of protection you invest in. With Cyber Essentials Plus you’ll receive the added benefit of a more hands-on technical verification approach, involving the administration of vulnerability assessments for additional assurance. Certification for both levels can be achieved through NCSC’s partner, Information Assurance for Small and Medium Enterprises Consortium (IASME).

Why is it Changing and What are the Updates?

The scheme, reviewed by experts at IASME to ensure effectiveness, has released updates for 2022 to keep its five technical controls in line with evolving security challenges. Since its launch in 2014, this is the biggest major update to the technical controls, and it comes as no surprise, after businesses worldwide have had to rapidly adopt digital transformations mid-pandemic.

Home Routers

Security has become a challenge since the shift to working from home, which led to an update in Cyber Essentials for home routers. Whilst routers were previously provided by the employer on-site, the shift to remote working and purchase of home routers has put them out of scope. Now, IoT devices must be protected with a firewall, rather than a home router (unless provided by their employer, then it will be in scope of Cyber Essentials). These changes can be easily met with the use of a Virtual Private Network (VPN) that uses a corporate firewall, therefore transferring the boundary of the scope.

Cloud Services

To meet the demands of remote working, cloud services have been fully integrated into the scheme’s update. Organisations will need to check that their existing services meet Cyber Essentials standards. Platform as a Service (PaaS) and Software as a Service (SaaS) are now in scope, and so organisations must take responsibility for user access control and the secure configuration of their services. Those taking charge of implementing one or more of the five controls within their cloud services must provide evidence of doing so to the required standard.

Password and Multi-factor Authentication (MFA)

Where we’ve adapted to using cloud services to access corporate information, so have cyber criminals, but they’re using it to launch attacks. To mitigate the risk of attack, we can use MFA as an extra layer of protection, which requires more than one verification method to access an account. Cyber Essentials have suggested four types of additional factors that may be considered: a managed enterprise device, an app on a trusted device, a physically separate token and a known or trusted account.

Critical Updates

The new scope outlines that all high and critical updates must be applied within 14 days and unsupported software removed. All in-scope devices must be licensed and supported, and have automatic updates enabled. When software becomes unsupported, it must be removed from devices. Updates should be applied within 14 days of release where: the update fixes vulnerabilities defined as ‘critical’ or ‘high risk’, the update addresses vulnerabilities with a CVSS v3 score of 7 or above, or there are no details on the level of the vulnerabilities being fixed.

Organisations can no longer be selective about which patches they use, as this can render them vulnerable, the extent of which was emphasised by a public cyber attack against a vulnerability in the Microsoft Exchange System. After developing from a complex state actor attack to a commoditised ransomware attack in just seven days, the update to Cyber Essentials technical controls concerning 14-day critical updates is justified.
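The 14-day rule described above, written as a triage check over a patch inventory. This is an added example, not code from the Cyber Essentials scheme or from Infosec K2K; the `Update` record, the status names and every inventory entry are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional, Tuple

PATCH_WINDOW = timedelta(days=14)   # "within 14 days of being released"
CVSS_THRESHOLD = 7.0                # "CVSS v3 score of 7 or above"
URGENT_LABELS = {"critical", "high", "high risk"}


@dataclass
class Update:
    """One pending or applied update on one device (hypothetical record layout)."""
    host: str
    software: str
    released: date
    vendor_severity: Optional[str] = None  # None when the vendor published no label
    cvss_v3: Optional[float] = None        # None when no score was published
    installed_on: Optional[date] = None    # None when not yet applied
    supported: bool = True                 # False once the software is out of support


def fourteen_day_reason(u: Update) -> Optional[str]:
    """Return why the update falls under the 14-day rule, or None if it does not."""
    label = (u.vendor_severity or "").strip().lower()
    if label in URGENT_LABELS:
        return f"vendor severity '{label}'"
    if u.cvss_v3 is not None and u.cvss_v3 >= CVSS_THRESHOLD:
        return f"CVSS v3 {u.cvss_v3}"
    # No label and no score: severity is unknown, so the rule still applies.
    if not label and u.cvss_v3 is None:
        return "no severity details published"
    return None


def assess(u: Update, today: date) -> str:
    """Classify one update against the rule as of `today`."""
    if not u.supported:
        return "REMOVE"                    # unsupported software must be removed
    if fourteen_day_reason(u) is None:
        return "OUT_OF_RULE"               # lower severity: not bound by the 14 days
    deadline = u.released + PATCH_WINDOW
    if u.installed_on is not None:
        return "COMPLIANT" if u.installed_on <= deadline else "LATE"
    return "PENDING" if today <= deadline else "OVERDUE"


def needs_action(inventory: List[Update], today: date) -> List[Tuple[str, str, str]]:
    """Rows that require work now: overdue patches and unsupported software."""
    rows = []
    for u in inventory:
        status = assess(u, today)
        if status in ("OVERDUE", "REMOVE"):
            rows.append((u.host, u.software, status))
    return rows


# Constructed sample inventory (all hosts, software names and dates are made up).
INVENTORY = [
    Update("laptop-01", "browser", date(2022, 1, 10), "Critical",
           installed_on=date(2022, 1, 12)),
    Update("laptop-02", "pdf-reader", date(2022, 1, 5), "Medium", cvss_v3=7.5),
    Update("srv-01", "mail-server", date(2022, 1, 25)),   # no severity published
    Update("srv-02", "db-engine", date(2022, 1, 3), "High",
           installed_on=date(2022, 1, 20)),
    Update("kiosk-01", "legacy-os", date(2021, 11, 1), supported=False),
    Update("laptop-03", "text-editor", date(2022, 1, 2), "Low", cvss_v3=3.1),
]

if __name__ == "__main__":
    today = date(2022, 2, 1)  # constructed assessment date
    for u in INVENTORY:
        print(u.host, u.software, assess(u, today), fourteen_day_reason(u))
```

Note that the vendor label and the CVSS score are checked independently, so an update labelled "Medium" with a score of 7.5 is still bound by the 14-day window.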

To read the full list of Cyber Essential updates that must now be adhered to, find out more via IASME.

So, What’s Next?

The updates to Cyber Essentials technical controls came into effect for new assessment accounts on 24th January 2022. Those undergoing assessments now, or before the date, will continue to reflect the existing technical controls, so in-progress certifications will not be affected. The NCSC has applied 12 months of grace for those needing to complete new certifications within the next 6 months. Though, if your Cyber Essentials is up for renewal after the 24th of January 2022, you’ll need to consider making the required changes to your existing cyber security solutions.

And, for those looking to invest in Cyber Essentials for their business, there’s no better time than now! With fresh new updates rolled out in January, the scheme is at its peak performance.

To take control of your vulnerabilities and find out what updates you’ll need to implement, contact our expert team at Infosec K2K. We’ll help you stay protected against rising cyber security threats.


24 January 2022

Cyber security best practices for remote workers

Though remote working has its many benefits, it does, unfortunately, go hand in hand with the increased risk of security breaches. With reports that nearly half (46%) of companies plan to implement a flexible, hybrid workforce in the future, it’s time to put our cyber habits under the microscope.

Cybercriminals will continue to hack, regardless. To them, every moment matters, whether we’ve suffered enough during the pandemic or not. The pandemic saw cloud-based systems for staff collaboration adopted en masse. This left many businesses vulnerable to attack from opportunistic criminals looking to target remote workers.

The rushed adjustment to new ways of working may have caused employees and organisations to overlook existing cyber security processes. Although system vulnerabilities may increase, remote workers aren’t destined to fall victim to attacks. You can avoid them and take steps to prevent them. By adopting cyber security best practices, businesses can reduce, or even eliminate, the threat of an attack altogether.

Research shows that 55% of companies believe digital transformation will have the largest impact on workplace transformation, with 67% of companies stating that cyber security and data security is the highest priority.

What is Good Cyber Hygiene and Why is it important for Businesses?

Cyber hygiene relates to the processes and precautions that businesses take to protect critical IT systems and keep confidential data secure from external threats. By implementing good cyber hygiene, businesses are more capable of warding off system deterioration and avoiding security risks. Protect personal and business data by following best practices, and prevent cyber criminals from breaching your networks and devices. Maintaining good cyber hygiene also helps with the maintenance of device functionality. It reduces exposure to outside risks that could hinder performance.

But these processes and precautions don’t just consist of completing a few tasks or ticking multiple boxes. They form part of an ongoing routine that businesses should regularly adhere to.

How Staff and Businesses Can Protect Themselves Remotely

Implementing cyber security best practices amongst your business and remote workers is much easier when you have an effective plan in place. These plans and processes can include, or be supported by, additional guidance material to keep online activity in check. For example, this could include privacy policies, support guides and, most importantly, education and training.

Prior to drawing up cyber plans, businesses need to lay down the foundations of maintenance and security best practices for all employees to follow. It is the group effort that’ll make the difference in working together to safeguard the business as a whole.

Performing Regular Maintenance

If there’s a missing link in your IT software or systems, hackers will be sure to find it and take full advantage. Businesses will need to perform regular maintenance on their digital technologies to avoid this. This ensures IT software and systems are kept secure and stable, while remote workers can operate effectively. Basic IT maintenance involves:

  • Performing updates – Often built into computer operating systems, undertaking regular updates is easy. In doing so, the software is kept up to date, improvements are made to computer security and any bugs are fixed. These updates will protect your computer and data from system issues and cyber security threats.
  • Installing antivirus software – If you haven’t already, it’s a good idea for employers to invest in antivirus software for staff devices. It just takes one click from an unsafe website for malware to be deployed onto your system. Perform regular scans to make sure your computer is running properly and data is kept safe.
  • Managing disk space – Software will stop working if your computer’s hard disk fills up. To avoid this and free up space, you can uninstall programs you no longer use and delete files you don’t need. Be sure to also clear up your recycle bin, where files go before they are removed from your device permanently.
  • Enabling backup and recovery – The last thing you want to happen is for important data to be lost entirely, or worse, stolen by hackers. External hard drives are a good way to store excess files in case of a breach. Make use of your Mac or PC internal backup software to protect your files. With cloud systems, work is backed up automatically.
  • Updating system patches – Patches are conducted to repair vulnerabilities or flaws within system versions, upgrades and features. These solutions are an investment that all businesses running large systems with lots of applications should consider, as patch management will scan, detect and fix errors to improve cyber health.

Enhancing Security Measures

Whilst predicting and preparing for future threats is difficult, by implementing enhanced security measures your business won’t be constantly on the lookout. By adopting security best practices, company devices and systems will remain protected. These top tips can also be applied to reflect our everyday digital habits and personal use of devices. To be smarter with security, we can adopt the following best practices:

  • Creating strong passwords – If similar username and password combinations are used across different sites, it is easy for hackers to steal your information. By making sure each password is unique and difficult to crack, you can easily eliminate the risk of a data breach. Many sites now aid the creation of strong passwords by suggesting the use of at least 8 characters, a mix of uppercase and lowercase letters, numbers and special characters. To help keep track of these passwords you can use a Password Manager.
  • Avoiding phishing – Staff should remain vigilant for phishing scams that distribute information from what appear to be legitimate sources in an attempt to steal your sensitive information, credentials or data. These can come in many forms – websites, adverts, texts, phone calls and emails. With just one click, malware can be automatically downloaded and installed onto your software, or by inputting your details, identity theft can be committed.
  • Using two-factor authentication – Though it can be a pain and slow login time, two-factor authentication creates an added layer of security by verifying your identity in at least two different forms. These include something you are (biometric recognition), something you know (password) and something you have (mobile phone). You’ll receive notifications of these login requests which helps in identifying if someone is trying to wrongly access your account or software.
  • Identity and Access Management (IAM) – By adopting this framework, businesses will be armed with the ability to identify users, authenticate said identities and authorise the appropriate access. Having IAM policies and procedures in place will help to avoid identity theft and granting wrongful access to sensitive information. Find out more about IAM in our recent blog.
  • Connecting to Wi-Fi networks cautiously – With remote working, it may be the case that you’ll be working away from the office or home environment from time to time. In this instance, it’s important to ensure you aren’t connecting to unsecured, public Wi-Fi networks as this will make it easier for cybercriminals to access your information.

Our Solution

If you’re unsure how to get started but want to protect your remote staff and business assets, we can help you set things in motion. Navigate the hostile threat landscape with support from our experts at Infosec K2K who’ll work closely with your IT teams to implement an effective cyber security plan that’ll help keep your hybrid workforce safe.

By keeping threats under control and data secure, your business operations can run smoothly under the guidance of our Security Operations Centre (SOC) that can identify potential system weak spots that could be vulnerable to attack. Our portfolio of solutions can support you at every stage of your cyber security journey, whether you’re going through a digital transformation, already have some solutions in place, or you’ve just been the subject of a recent cyber attack.

Discover more about how our expert solutions at Infosec K2K can keep your remote workers safe and protect what’s most important to your business.


17 January 2022

Cyber Security 2022 Threat Forecast

Year-on-year, attack, breach and incident rates have continued to rise by 15% within the cyber world. In addition, PurpleSec reported that cyber crime is up 600% as a result of the COVID-19 fallout. As remote working left us more vulnerable to attack, hackers thrived off increased opportunities to strike. Going into 2022, there are a number of cyber security trends to watch out for. We can expect cyber criminals to get smarter, more advanced and more efficient in finding ways to harvest our data, with attack rates likely to rise.

As 68% of business leaders feel their cyber security risks are increasing, this must be counteracted by recognising the benefits of investing in effective cyber security solutions to safeguard data, assets and systems this new year. To mitigate risk, we must be proactive.

Rising Cyber Threats in 2022

Cyber security risk management has become a prominent topic for board discussion in recent years, with many C-Suite executives now deeming it a top business priority. And it makes sense, following an escalation of malicious cyber incidents experienced last year, many of which were fueled by increased internet use during the pandemic. As 2021 was deemed the year of ransomware, following rampant attacks on organisations like Kaseya and Colonial Pipeline, the severity of cyber crime left board members realising the significance of investing in effective, ongoing security solutions. To understand what to look out for, let’s dive deeper into the rising cyber threats, trends and predictions for 2022.

Social Engineering via Social Media

While we’re used to sharing personal information online, access to technology is becoming more widely available, as is the use of social media platforms. However, this material can be taken advantage of once it’s out in the open. A celebratory new job post to our close network can very easily be exploited by criminals, putting you and your workplace at risk. Social media has become a treasure trove of easily-accessible information for online criminals; exploitation is simplified when social engineering manipulation comes into play.

So, what is social engineering? It is when a hacker plays on human interaction by using malicious activities to psychologically manipulate us into giving away sensitive information, compromising security, or transferring money. The emotional responses triggered can easily convince us to release private information to the attacker. In addition, Chetan Conikee, CTO at ShiftLeft, comments on the disturbing AI advancements to social engineering methods, “Deepfake is a recently developed mechanism to create fake videos or audios, especially to create riots or to spread wrong information. Hackers use AI-based technology to create counterfeit videos by swapping people’s faces and modifying their speech.”

In September 2021, scammers posted a deepfake video featuring Oleg Tinkov, founder of Tinkoff Bank in Russia, calling on people to use the bank’s investment tools, promising to give every client 50% of the amount of investment as a bonus. After clicking the link, users were led to a fake website which requested personal information, leaving sensitive data in the hands of exploiting criminals.

As the majority of cyber attacks rely on social engineering, we must understand these tactics to avoid risk. Phishing is the most common attack, but social engineering only succeeds when users respond with an action. To stay safe, we need to think before we act.

Ransomware Attacks Through Phishing

As cyber hack methods adapt and grow, some approaches have remained just as powerfully damaging, with the new year predicting a particular increase in ransomware attacks through its most common form, phishing. Ransomware attacks involve deploying malware that encrypts systems, networks and devices to hold a victim’s information to ransom and deny access to critical files. Victims are threatened with demands for money in exchange for access, which is where phishing comes into play. React to the information and you’ll be caught in the crossfire of a smart phishing attack.

The National Cyber Security Centre reported three times as many ransomware attacks in Q1 2021 as there were in 2019 entirely. With research by PwC suggesting that 61% of technology executives expect this to increase in 2022, the attack method is becoming highly intelligent and lucrative. As an increasingly popular method of attack, organisations need to educate staff on how to implement good cyber hygiene (both at home and in the office) and adopt solid security plans to include effective prevention tactics to remove the threat entirely.

Internet of Things (IoT) Vulnerabilities

Technology intelligence across the globe is advancing every second, resulting in a demand for the newest gadget for both personal use and business development. So, as device ownership rockets, so does the number of internet-connected tools. Ericsson expressed that the rate of connected devices (IoT) is estimated to reach 18 billion by 2022. But, like anything, of course, it comes with risk. Cyber criminals are being granted easy opportunities to attack with increased device access points to secure digital systems.

For individuals, this could include an increased risk on household appliances as access to IoT is widespread across varied technologies. Whilst for organisations, attacks are widespread across industries, targeting the infrastructure of warehouses, farming, manufacturing and office-based businesses. IoT vulnerabilities are the root cause of many privacy breaches, resulting in huge legislative penalties for violation of industry-standard regulations, such as GDPR. Many devices are left vulnerable as they lack the necessary built-in security controls to combat attacks. These limited functions indicate a need to seek advanced protection methods with the help of cyber security providers who can safeguard our critical data and important assets.

Though hard to avoid with rapid usage rates, we can improve our experience with devices, technologies and mechanical inventory, and decrease the risk of attack, by using them safely and performing updates when necessary. It’s time to keep the villains at bay.

Supply Chain Cyber Security Risks

Pre-pandemic, cyber security supply chains were an afterthought for organisations, with key stakeholders defined, relationships well-managed and processes running smoothly. But the impact of COVID-19 soon took its toll and production was hit hard by widespread delays and shortages affecting normal business operation. This was no different for the digital world, as cyber supply chain problems became a critical issue for many businesses.

Cyber supply chains consist of a collection of resources, including cloud-based systems, on-site storage, software and hardware, and methods of distribution. As cyber supply chains work within a digital landscape, points of attack are easily identifiable by criminals. Weakened links create greater chances of attack, and vulnerabilities can turn into opportunities for criminals to exploit. By targeting just one person in the operation, infiltrating key systems and deploying ransomware attacks, criminals can bring the whole supply chain to a halt. Stakeholders need to ensure security processes (like constant monitoring and risk analysis) are embedded in the early stages of cyber strategy, to avoid compromising business operations further down the line.

Such attacks have escalated by 650% since mid-2020, due to the infiltration of open source software, according to a Sonatype study. The fallout was brought to light following an attack on SolarWinds at the peak of the pandemic in 2020. Compromised software resulted in Russian intelligence gaining access to the data of 18,000 SolarWinds customers. A year on, the attack has forced organisations to gain a better grasp of the need for clarity on, and understanding of, the origin and integrity of software. But hope is not lost – in November 2021, the UK Government released a policy paper seeking feedback from organisations who currently manage supply chain cyber security risk, providing an outline of how additional government support would help to overcome such challenges.

API in Cloud Computing

As we experience a rise in malicious activity, security leaders will need to work with their development teams to monitor API behaviour and regulate what data is being accessed by the API, and by whom. But what is an ‘API’ and how can it jeopardise our cyber security? An API, short for Application Programming Interface, defines the protocols for building and integrating computing software. APIs work by allowing your digital systems to communicate and connect with other computing products and services, so everything is in sync and can run efficiently. And as long as cloud and on-site applications continue to use public (easily accessible) APIs, we’ll continue to see a rise in scraping and bot attacks on applications.

According to Salt Security’s State of API Security for Q3 2021 research, 91% of respondents experienced an API security incident last year, where vulnerabilities (54%) and authentication issues (46%) topped the list, followed by bot/scraping (20%) and DoS attacks (19%). However, this data provides insights for attacks on standard computer-to-computer APIs, not cloud-based systems, in which the risk of a breach is even higher.

So, how can we try to tackle the rising issue? Before going live with cloud-based APIs, organisations should implement penetration testing to ensure all vulnerabilities are detected and eliminated. Businesses will need to invest in better security prevention technologies that can address bot protection, API and application security, and data leak prevention. Plus, analysis of entitlements, through identity and access management, is a key tactic in making sure criminals are not wrongly given access to critical data.

According to Prakash Sinha, Technology Evangelist and Senior Director of Corporate Marketing at Radware, we should expect to see bigger investments in more advanced visibility tools in 2022, as well as forensics tools that provide actionable insight for management, monitoring, auditing, compliance, and troubleshooting.

Cyber Attack Prevention Methods

As cyber security trends for 2022 predict increased threats, businesses must arm themselves with the necessary technologies and solutions to detect, manage and implement security tactics to avoid falling victim to attack. Whilst there are many ways we can work towards creating a safer 2022, it’s not a one-stop-solution kind of approach. For complete protection, you’ll need to adopt a combination of the following within your cyber security strategy for this year.

  • Always assume the worst, so you’ll always be ready to counteract an attack. If you fail to prepare, be prepared to fail.
  • Use cyber technologies to monitor systems to detect vulnerabilities before it’s too late, and get these fixed!
  • Take caution with suspicious communication. Think before you click links, download attachments or share personal information. Consider whether the source is trustworthy.
  • Create safety strategies and social media policies to educate employees on how to stay safe online. Outline avoidance tactics and indicators for an attack.
  • Employ email filtering by setting spam filters to high so malicious messages do not reach your inbox.
  • Update systems, applications and devices to patch vulnerabilities.
  • Adopt identity and access management processes for systems that contain sensitive company data, by applying methods like Multi-Factor Authentication to restrict unwarranted access.
  • Back up files regularly to avoid mass data loss in the instance of attack.
  • Complete audits on IoT devices to ensure company-approved programs and systems are being used.
  • Implement Artificial Intelligence (AI) machine learning across systems to identify patterns of behaviour and detect future risks.

To stay protected this new year, find out more about how our expert cyber solutions and strategies at Infosec K2K can mitigate the risk of attack to help your business stay on top of ever-growing threats.