Posts Tagged :

cyber security

OPINION: The convergence of physical and cybersecurity: A new era of integrated protection?

960 640 Stuart O'Brien

As the lines between physical and digital spaces blur, the once distinct realms of physical security and cybersecurity are converging. This intersection has ushered in a new era of integrated protection, reshaping our approach to securing assets, data, and people.

Historically, physical security and cybersecurity operated independently, each with its unique methods and tools. Physical security focused on preventing unauthorised access to tangible assets—buildings, infrastructure, and personnel—using tools like surveillance cameras, access controls, and security personnel. Conversely, cybersecurity focused on protecting digital assets, such as networks, systems, and data, from cyber threats.

However, the rapid digitalisation and IoT (Internet of Things) proliferation have made this separation untenable. As devices and systems become increasingly interconnected, vulnerabilities in one can affect the other. For instance, a hacker can compromise a physical security system by breaching a vulnerable network, enabling physical access to secured spaces. Likewise, physical access to a server can lead to a catastrophic data breach.

Recognising these intertwined risks, organisations are adopting a unified security approach. This approach combines physical and cybersecurity, coordinating their strategies, processes, and responses to mitigate risks effectively.

The benefits of this integrated approach are manifold. Firstly, it provides a comprehensive view of security, enabling organisations to identify and respond to threats promptly and effectively. Secondly, it enables correlation between physical and cyber events, which may reveal patterns or trends that might go unnoticed in separate silos.

Integrated security also encourages better communication and coordination among security teams. This fosters a shared understanding of the security landscape and facilitates collaborative problem-solving. Finally, the convergence can lead to cost efficiencies, as resources and tools can be shared across physical and cybersecurity teams.

Despite its benefits, the convergence of physical and cybersecurity comes with challenges. It necessitates a cultural shift within organisations, rethinking traditional security roles, and developing new skills. Additionally, it requires the integration of disparate security systems and technologies, which can be technically complex and expensive.

As physical and cybersecurity converge, organisations must embrace this new era of integrated protection. This involves not just adopting new technologies but also fostering a security-conscious culture that values both the physical and cyber domains. By doing so, organisations can protect their assets more effectively in a world where physical and cyber threats are increasingly interconnected.

The convergence of physical and cybersecurity is more than a trend – it’s a necessity in our digital age.

Image by Gerd Altmann from Pixabay

Research highlights cybersecurity threats to travel and tourism industry

960 640 Stuart O'Brien

The travel and tourism sector has become a prime focus for cyberattacks in recent times, resulting in ransomware incidents arising from data breaches. Against this backdrop, cybersecurity concerns within the industry have escalated with a 4% year-on-year (YoY) rise in 2022, reflecting the prevailing sentiment, says GlobalData.

An analysis of GlobalData’s Company Filings Analytics Database found that sentiment for airlines, travel services, and lodging rose by 6%, 4%, and 1%, respectively, in 2022 over 2021.

Misa Singh, Business Fundamentals Analyst at GlobalData, said: “Companies are consistently working on information and network security projects to set up a reliable technical protection and security management mechanism to ensure customer security and prevent data leakage. A severe data security incident can lead to operational disturbances and cause significant financial damage to the business.”

LATAM Airlines plans to have self-boarding (biometric) to advance customer experience. The company is also starting Pre-Flight check documentation where customers can send their documents digitally before boarding. China Eastern Airlines discussed establishing a sound information and security-related management mechanism.

Booking Holdings talked about SQL injection where a third party tries to insert malicious code into companies’ software through data entry fields on websites to gain control of the system using the websites as a platform. Tourism Holding updated its digital strategy and made investments in new technology and cybersecurity solutions.

H World Group and Mahindra Holidays & Resorts India Limited have set up an information security committee responsible for developing policies and procedures, offering data protection-related advice, protecting the security of customer data, and avoiding data leakage.

Singh concluded: “Failing to adopt appropriate technology leaves companies vulnerable to cyber threats that can have a detrimental impact on their operations . Investing in robust cybersecurity solutions, educating employees about cybersecurity risks, and staying up to date on cybersecurity threats can help reduce the likelihood of an attack.”

Ransomware still most feared cyber threat

960 640 Stuart O'Brien

Although reports of ransomware campaigns declined quarter over quarter in 2022, primarily due to the collapse of more experienced cybercriminal groups, IT leaders still consider them to be the most worrying cyber threats.

That’s according to a report from Info-Tech Research Group, Security Priorities 2023, based on primary data obtained from interviews with security and IT leaders, as well as from the firm’s 2023 Tech Trends report and upcoming State of Hybrid Work in IT: A Trend Report, set to be released in March 2023.

The new security priorities report focuses on data that details the likely changes in processes and IT infrastructure due to hybrid work, concerns and perceptions about readiness to meet current and future legislation, and the impact of a potential recession on security budgets.

‘In the constantly evolving world of technology, IT security continues to be a top priority for individuals and organisations alike’, says Executive Councilor Ian Tyler-Clarke. “As technology continues to advance, it is essential to stay ahead of emerging threats and ensure the protection of sensitive information. In 2023, we can expect to see a rise in cloud-based security solutions, artificial intelligence-powered threat detection, and increased emphasis on employee education and cybersecurity awareness. Security leaders and CIOs must stay at the forefront of these developments and provide best-in-class security solutions to secure their digital assets.’

‘Aside from ransomware and the hybrid work model, in 2022, we saw an evolving threat landscape, regulatory changes, and the potential for a recession by the end of 2023’, explains Ida Siahaan, research director and lead analyst for the report. ‘Furthermore, organisations are still facing the ongoing issues of insufficient cybersecurity resources and organisation modernisation, all of which impact how we prioritise cybersecurity over the coming year.’

The firm advises that security and IT leaders keep the following five priorities top of mind as they work towards modernising their organisations, securing hybrid work environments, and mitigating risks and cyber threats:

  1. Maintain Secure Hybrid Work. The pandemic changed how people work and where they choose to work, with most still preferring a hybrid work model. The initial investment to set up remote work options was extensive and requires continuous investment to maintain the secure remote work infrastructure that facilitates a hybrid work model. According to Info-Tech’s research, security leaders must build a strong cybersecurity workforce by strategically acquiring, retaining, and upskilling talent to maintain secure systems and increase confidence in the security practice.

  2. Secure Organisation Modernisation. Despite all the cybersecurity risks, organisations continue modernisation plans due to the overall long-term benefits. These plans can include digital transformation to the cloud, operational technology (OT), and the internet of things (IoT). Security leaders must address the risk of converging environments by combining IT and OT security to protect the entire organisation.

  3. Responding to Regulatory Changes. Government-enacted regulatory changes are occurring at an ever-increasing rate. Rather than treating them as a compliance burden, organisations should use these changes as an opportunity to improve security practices. Security leaders need to identify relevant compliance obligations, implement policies and exception processes, and then track and report to ensure their remediations are effective.

  4. Adopt Next-Generation Cybersecurity Technologies. The cat-and-mouse game between threat actors and defenders is continuing. The looming question of “can defenders do better?” has been answered with the rapid development of technology. However, next-generation cybersecurity technologies alone are not a silver bullet and require a combination of skilled talent, useful data, and best practices to gain a competitive advantage. Governments and cybercriminals recognise the importance of emerging technologies, such as zero trust architecture and AI-based cybersecurity, and so should security and IT leaders.

  5. Secure Services and Applications. Software is usually produced as part of a supply chain instead of in silos. As demonstrated by recent incidents such as Log4j and SolarWinds, a vulnerability in any part of the supply chain can become a threat vector. To respond to this challenge, DevSecOps was developed as a culture and philosophy that unifies development, security, and operations. DevSecOps offers many benefits, such as the rapid development of secure software and the assurance that tests are reliably performed and passed before the software is formally released and delivered. Security and technology leaders must adopt this philosophy and the latest software development best practices to ensure that each link of the software supply chain is secured.

The Security Priorities 2023 report also includes recommended actions in addition to templates for security and technology leaders that can be used to explain each of the priorities to their stakeholders.

Who foots the bill in the event of a data breach?

960 640 Guest Blog

Data breach is almost inevitable – which means it is vital that companies and their Managed Services Providers (MSPs) understand exactly who is responsible and who bears the financial brunt. But recent research reveals that both companies and MSPs are disturbingly unclear about their legal and financial obligations.

Contracts are ambiguous and the risks of legal wrangling severe. The truth is that when a breach occurs and data is exposed, neither party wins.

As Simon Pamplin, CTO, Certes Networks, insists, rather than playing the blame game, the priority must be to protect the data to ensure that even when an attacker breaks through, there is nothing to see and nothing to gain…

Financial Burden

Cyber security has become a board level issue in recent years – not least since the introduction of ever more punitive fines and personal responsibility for the protection of sensitive data. Yet recent research undertaken by Sapio Research on behalf of Certes Networks confirms that far too many businesses are simply handing over responsibility to an IT Service Provider (ITSP) or Managed Services Provider (MSP) – and expecting the provider to pick up the financial cost should a data breach occur.

Companies employing third party organisations to deliver security policies expect ITSPs to cover 48% of the costs in the event of a data breach. Astonishingly, 73% of ITSPs also consider themselves responsible for paying fines and damages and believe they should pay 51% of the costs.

Whether these expectations can be met as and when a breach occurs remains a legal minefield. More critically, for senior managers personally liable for security and information protection compliance, does this abdication of responsibility to a third party stand up to regulatory scrutiny?

Endemic Misperception

How does a reliance on an MSP or ITSP support the zero-trust approach to separating policy responsibility from system administration? Any security posture needs to be defined from a business standpoint to reflect the sensitivity of specific data sets. But if the onus is placed on the MSP, the entire security posture is both defined and delivered by a network security team. Contractual agreements will be meaningless if a regulator comes down hard on this clear lack of Separation of Duties.

Furthermore, the legal standpoint is that the data owner is responsible and liable for any data breach – so any company with the misperception that the MSP or ITSP will foot the bill is likely to be in for a very nasty surprise. This perception indicates that far too many companies are not considering the true implications of data security at the right level.

Are the data protection and compliance officers, as well as senior managers, now personally liable for protecting sensitive company, customer and partner data involved in these decisions? If so, do they really believe that asking the network security team to appoint an MSP to provide an SD WAN is really an adequate approach to data protection and compliance?

Demanding Safeguards

It is naïve to expect a network security infrastructure expert to understand the full implication of financial and reputation loss associated with a data breach. It is not in their remit. They are responsible for the performance of the infrastructure – not the value or assurance of corporate data.

Companies need to take ownership of their data – and that means demanding the MSP or ITSP provides another level of data protection. An MSP that wraps security around the data, rather than relying on the network infrastructure, can provide business leaders with the essential assurance that data is protected and compliant.

Adopting Layer 4, policy-based encryption ensures the data payload is protected for its entire journey – and because only the payload data is encrypted while header data remains in the clear, means minimal disruption to network services or applications. With encryption policies based on the sensitivity of corporate data, the business can achieve a clear separation between policy setting and systems management.  A win for both data officers and network security teams.

Conclusion

This research raises a very concerning issue for both companies and ITSPs/ MSPs. Whoever ends up footing the bill – and the chances are that a lengthy court case could ensue – no one wins. Any data breach will incur not only immediate financial costs but long-term business consequences that could be devastating for both parties.

So why risk it? If a company takes a different approach and demands that additional data protection layer, there is no longer any issue of blame or cost. The company is no longer relying on a third party to safeguard its data, but instead taking ownership itself. By encrypting data, in a way that doesn’t affect business operations, it is safeguarded across whatever infrastructure the MSP or ITSP is providing.

42% of manufacturing firms attacked in last 12 months

960 640 Stuart O'Brien

Nearly half of Britain’s manufacturers (42%) have been a victim of cyber-crime over the last 12 months according to new research, Cyber Security: UK manufacturing, published by manufacturers’ organisation Make UK and Blackberry.

Over a quarter of respondents (26%) reported substantial financial loss as the result of an attack, with losses ranging from £50,000 to £250,000.

As businesses adopt more digital technologies, their exposure to cybersecurity risks increases. Some 95% say cybersecurity measures are necessary for their company, while two thirds said the importance of cybersecurity has increased in the last 12 months. Worryingly, the majority (54%) decided not to take any further cybersecurityaction despite adopting new technologies to boost production.

UK manufacturers face a battery of cybersecurity risks, ranging from simple employee error to complex targeted attacks.  The top three cybersecurityvulnerabilities were identified as maintaining legacy IT (45%), a lack of cyber skills within the company (38%), and providing access to third parties for monitoring and maintenance (33%). The research also found that production stoppages were the most common result of a cyberattack (65%), with reputational damage ranking second (43%).

Adoption of the industrial Internet of Things (IoT) is shown to be the biggest driver behind cybersecurity adoption for one in three organisations (30%). These new IoT processes, such as automated sensors driving efficiencies, sit at the heart of manufacturing production and are seen as business-critical functions. However, just over a third (37%) say that concerns about cyber vulnerability have prevented the introduction of new connected technologies into their organisation, hampering potential productivity gains and holding companies back from growth.

Targeted attacks are the most common, with smaller companies often the most vulnerable yet many offering no cybersecurity training to staff. 62% of manufacturers now have a formal cybersecurity procedure in place in the event of an incident, up 11% on last year’s figures with the same number giving a senior manager responsibility for cyber security. More than half (58%) have escalated this responsibility to board level.

Stephen Phipson, CEO of Make UK, the manufacturers’ organisation said: “Digitisation is revolutionising modern manufacturing and becoming increasingly important to drive efficiencies in this incredibly difficult inflationary environment. While cost remains the main barrier to companies installing proper cyber protection, the need to increase the use of the latest technology makes mounting a proper defence against cyber threats essential. No business can afford to ignore this issue and while the increased awareness across the sector is encouraging, there is still much to be done. Failing to get this right could cost the manufacturing industry billions of pounds and put thousands of jobs at risk. Every business is vulnerable, and every business needs to take the necessary steps to protect themselves properly.”

The composition of cyber defence across UK industry is wide – with 89% of companies investing heavily in antivirus software and firewalls to secure internet connections. Threats originating in Russia and China are now seen as the main challenge to cybersecurity for UK manufacturers (75%).

Keiron Holyome, VP UKI, Eastern Europe, Middle East and Africa at BlackBerry said: “Clearly, the UK manufacturing industry is acutely aware of the threat that cybercrime presents. With attacks increasingly targeting operational infrastructures at the heart of major economies, the bigger issue is the majority of manufacturers that may not be aware that they have already been compromised. In our experience, it is possible – indeed, likely – that malware is present in legacy infrastructure, just waiting for the right time to strike. Today’s sophisticated threats are not deterred by outdated antivirus and firewall protection; it’s time for industry management to bring in the big guns of preventative cybersecurity to protect against all vulnerabilities, from accidental insider breaches through to the very real threat of nation state attacks.”

Further details can be found in the report, Cybersecurity: UK Manufacturing, available for free download here.

Five: The average number of cybersecurity incidents UK business report each year

399 226 Stuart O'Brien

Attackers are seizing on vulnerabilities in hybrid working environments, creating more work – and also larger budgets – for security teams, despite organisations accelerating digital transformation projects.

The latest State of Security Report from Infblox, which surveyed 100 UK respondents in IT and cybersecurity roles in the UK as part of its global sample, discovered that the recent surge in remote work has changed the corporate landscape significantly.

In fact 64% of UK organisations have accelerated digital transformation projects in order to support remote workers since 2020. This is higher than the global (52%) average.  

  As part of this shift just under half (49%) of organisations have increased customer portal support for remote engagement and 43% have added resources to their networks and data basis. Given that over a third (34%) have close their physical offices for good, this investment may prove to be a strong strategic move.  

Cybersecurity still causing headaches   

An increased digital footprint inevitably brings increased digital risk and the reality of a hybrid workforce is causing headaches for IT teams and business leaders. The data reveals that the loss of direct security controls and network visibility has half (50%) of UK companies more concerned about data leakage than anything else. Almost as many (45%) are worried remote worker connections will come under attack.    

It appears that organisations have good reason to worry, given the report found that 61% experienced up to five security incidents in the last year. However, there is some good news: 66% report that these incidents did not result in a breach. This may be because 73% were able to detect and respond to a security incident within 24 hours.   

Of the 44% reporting a breach, insecure WiFi access (47%) was the biggest cause. The data also suggests that UK workers are continuing to fall for phishing scams. In fact 4 in 5 (82%) breaches reported in the last 12 months were caused by this attack method. Phishing usually signals the need for or failure of employee and customer security awareness training that require technological backstops  

Defense in depth   

Infoblox’s report discovered that the majority of organisations are investing heavily in security tools to protect their hybrid environments. In fact, 59% of respondents saw bigger budgets in 2021 and 64% anticipate an increase in 2022.   

Many are turning to defense-in-depth strategies, using everything from data encryption and network security to cloud access security brokers and threat intelligence services to defend their expanded attack surface. As part of this, almost half of organisations (47%) are relying on DNS (Domain Name System) to block back traffic.    

“The pandemic shutdowns over the past two years have reshaped how companies around the world operate,” said Anthony James, VP of Product Marketing at Infoblox. “Cloud-first networks and corresponding security controls went from nice-to-have features to business mainstays as organisations sent office workers to work from home. To address the spike in cyberattacks, security teams are turning to DNS security and zero trust models like SASE for a more proactive approach to protecting corporate data and remote devices.”  

The full report is available for download here.  

OPINION: Is the UK prepared for smart city threats?

960 640 Stuart O'Brien

By Professor Kamal Bechkoum (pictured), Head of the School of Computing and Engineering at University of Gloucestershire

People across the UK are increasingly living in smart cities – urban spaces packed with technology that receives, processes and transmits data on a 24/7 basis.

But despite the very real benefits on offer, the threat of cyberattacks to homes and businesses is increasing, writes Professor Kamal Bechkoum, Head of the School of Computing and Engineering at University of Gloucestershire:

On average we create 2.5 quintillion bytes of data, or one billion billion bytes, every day. Smart cities gather vast quantities of this ‘big data’ from digitally-linked objects and our online activities, and then use this to improve new services and products that aim to make city living better.

In ‘connected places’ this might involve any ‘Internet of Things’ connected system, ranging from better traffic management and pollution control, through to improved security, public transport and intelligent street lighting.”

Smart cities gather vast quantities of this ‘big data’ from digitally-linked objects and our online activities, and then use this to improve new services and products that aim to make city living better.

Although this offers the potential to transform our lives, it also comes with the same privacy concerns posed by any large-scale digital transformation.

While tracking, monitoring and automated systems can enhance safety, productivity and cost-effectiveness, potentially unethical and ongoing surveillance, along with the ever-present threat of cybersecurity breaches, can negatively impact people’s lives in new and unexpected ways.

The Cityware project, for example, tracked the physical interactions of 30,000 people using a combination of Facebook profiles and smartphone signals, resulting in reports that almost 250,000 owners of Bluetooth devices, mostly mobile phones, were spotted by Cityware scanners worldwide.

Privacy International, a UK charity with a stated aim of ‘defending and promoting the right to privacy across the world’ puts it like this: “Next time you’re lured into a coffee joint with the promise of free WiFi, be aware that what you are doing online could potentially be exposed especially, as is often the case, if the WiFi network does not require a passcode to get online.

“Unsecure networks like this make it easier for cybercriminals to eavesdrop on what you do online. You should also be aware of ‘rogue’ WiFi hotspots, which might deliberately use a name similar to the coffee shop you’re currently sitting in but has nothing to do with them. So be careful before you connect to ‘Stirbucks_wifi.’” It’s an easy slip-up to make.

Data generated by smart city infrastructure can even be culled from sources such as unprotected parking garages, EV charging stations or surveillance feeds, all of which offer cyber attackers targeted personal information that could be exploited for fraudulent transactions and identify theft.

A new report from the Department for Digital, Culture, Media & Sport shows that while cyberattacks are becoming more frequent, only 13% of businesses are using managed IT providers to review security risks.

In addition the National Cyber Security Centre (NCSC), a part of GCHQ, has published guidance for local authorities on how to secure connected places and notes that critical public services need to be protected from disruption.

One of the biggest challenges for smart city progression is a lack of technical skills, local authority funding, regulatory hurdles for large-scale projects, and low public trust in digital initiatives.

Research has found that security and privacy concerns have been raised about the use of smart city technologies, particularly those that collect data about citizens’ behaviour, public services or critical infrastructure.

Smart city projects may also raise inequality issues if the benefits or projects are not experienced equally by rural and urban communities, of if they disadvantage those without digital skills or access to digital technology such as smart phones.

The weakest link in any chain can have detrimental effects for an entire urban environment. To address this, councils and city planners should always invest in the data security of their cities’ critical infrastructure to minimise risk and ensure reliable and secure smart systems.

It is important to employ frameworks that promote a common security language wherever possible, and feature protocols for ‘Industry 4.0’ – shorthand for industrial digitalisation – that:

  • Identify specific security levels between cooperating partners and companies across a supply chain, covering the three essential cybersecurity components: People, processes and technologies
  • Include rigorous, transparent, and replicable testing of all new tools and technologies before they are introduced

These points are the minimum steps to take when introducing smart city living protocols. Longer term, if the UK is to move forward in the current hybrid divide that exists between office and home-working driven by the COVID-19 pandemic, there is an urgent need for legislative authorities and organisations to address their digital transformation plans.

Ultimately these actions are best guided by a strategy which addresses data-gathering legalities and key cybersecuritycomponents to ensure risk is appropriately managed at every stage of the process.

Protecting the Nation’s Critical Infrastructure’s Against Cyber Attacks is a key theme of this year’s University of Gloucestershire and C11 Cyber Security and Digital Innovation Centre ‘Cyber Tech Symposium’ on Thursday 7th July, 2022.

Government and educational institutions most vulnerable to cyber attack in 2021

960 640 Stuart O'Brien
According to the data presented by the Atlas VPN team, education and government organizations suffered most cyberattacks in 2021. At the same time, software vendors have experienced the largest growth in attacks compared to 2020. In addition, cybercriminals targeted corporate networks the most with Botnet attacks.
Education and research organizations were the most targeted industry in 2021, with an average of 1,605 weekly cyberattacks. Universities had to suspend classes due to suffered attacks, which impacted students, professors, and other staff members.
The government and military sector rank second with an average of 1,136 weekly cyberattacks. Government agencies hold tons of highly confidential data, which state-sponsored hackers can target to acquire desired information.
Communications organizations experienced an average of 1,079 attacks per week throughout 2021.
On the other hand, software vendors averaged just 536 cyberattacks. However, the average of attacks has significantly grown in the industry by 146% compared to 2020.
Cybersecurity writer at Atlas VPN Vilius Kardelis said: “After shocking large-scale cyberattacks in 2021, businesses must proactively react to the growing risks. Many governments have already expanded their cybersecurity budgets to deal with cyber threats and so should organizations. One successful cyberattack could cause devastating consequences to a company.”
Corporate networks under botnet attacks
Cybercriminals choose different attack methods based on what they are trying to accomplish.
Botnet attacks accounted for 31% of threats against corporate networks in 2021. A botnet is a group of malware-infected internet-connected devices controlled by a single operator.
Info stealers were responsible for 21% of cyberattacks targeted at corporate networks. As the name implies, info stealers are Trojan malware designed to gather data from the system.
Cryptominers accounted for 19% of attacks launched at corporate networks. Cryptocurrency miners are malware that uses a significant amount of GPU and CPU resources, causing your computer to run slower than usual.

Investing in channel support to survive the evolving security landscape

960 640 Stuart O'Brien

Security is a growing concern across every industry, particularly now with the growth of dispersed workforces around the world. Cyberattacks continue to increase and become more sophisticated, with businesses of all sizes needing to invest in the right support. This is even more crucial for small and medium-sized businesses (SMBs), who may lack the adequate internal resources and teams to protect themselves against such threats.

But, by partnering with an established Managed Service Provider (MSP) who can act as a trusted advisor to create a solid cyber security strategy, SMBs can benefit from the knowledge, skills and solutions available within the channel. MSPs, therefore, need to ensure they leverage this opportunity to support their end customers, while businesses crucially make the necessary investment to keep their network, data and people secure, as Mike Foster, Channel Manager, VIPRE, explains…

COVID-19 Transforms the Market

With businesses accelerating their digital transformation during the COVID-19 pandemic to ensure business survival and continuity, there has been a knock-on effect on cybersecurity strategies, which now must be prioritised and invested in. Over the past eighteen months, organisations have had to transition to working securely and efficiently from home, and then splitting their time between the office and remote work, in turn, creating new security challenges. This has demonstrated the crucial need for organisations to become more agile and have the ability to scale both up and down when regional rules change.

The importance of a secure and flexible workforce, one which is protected through layers of security and best practice, is key. This can be executed successfully by identifying existing weaknesses or gaps in infrastructure, which can be easily spotted by channel partners who specialise in cybersecurity. By leaning on an MSP, businesses can benefit from having access to the right support and advice, and MSPs, in turn, can offer the correct solutions to combat the challenges their clients face. This has led to organisations questioning issues such as; are the emergency measures put in place during the peak of the pandemic sufficient for long term secure and agile working practices? What tools do customers need to remain secure in the new modern hybrid working environment? It is clear that now is the time for businesses to reassess and build a flexible, future-proof plan.

The Trusted Advisor to SMBs

Smaller and medium-sized businesses often do not have the resources, time or dedicated teams to focus on their IT needs, while ensuring they have the right solutions in place to defend themselves against cyberattacks. They also do not think they are as much of a target for hackers, as they may not have as much revenue or data compared to larger and more corporate organisations, with 66% believing a cyberattack would be unlikely. However, according to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, and only 14% are prepared to defend themselves.

Instead, by partnering with an MSP who can act as an external security partner for the SMB to help them achieve cyber resilience, the pressure and responsibility of defending the business against cyber threats will lay with the expert in the channel. This creates a unique opportunity for MSPs to guide customers on their cybersecurity journey and ensure they are receiving relevant education and have the right technology and tools in place to protect the business. It also helps the MSP to differentiate themselves from the ever-growing and competitive channel market, enabling them to become trusted IT security advisors for the businesses they support.

Critical Support Partner

Whether a business is big or small, investing in its cybersecurity foundations is not optional – it’s business-critical, especially in today’s threat landscape. By identifying the gaps in their cyber needs, or allowing an MSP to make these judgments, a strong infrastructure can be built upon the businesses existing setup. These solutions can be custom-built and tailored to each individual organisation, including email and endpoint protection, ongoing end-user training, as well as access services, such as ZTNA solutions.

With security breaches showing no signs of slowing down, MSPs must be constantly vigilant and develop cyber resilience approaches that go beyond deploying security solutions. This means having not only the market-leading technology available, but also the technical expertise to support business security plans and growth. MSPs must take a proactive role in understanding the current state of a customer’s ability to protect against, prevent and respond to modern cyber threats when recommending the best approaches to true cyber resilience.

For example, MSPs who roll out Office365 to their client base are not tapping into their customers’ needs for peace of mind when it comes to cybersecurity. Instead, they should add value to the partnership by emphasising good cyber security practices, providing the right tools and technologies and looking at specialist vendors – rather than providing a one-size-fits-all solution. Channel partners can both capitalise and draw on the importance of demonstrating to customers the benefits they bring by continuing their role as trusted advisors – resulting in growing their revenue while ensuring their key partner status.

Investing in Technology

An MSP’s portfolio should provide the correct tools and solutions businesses need to survive and thrive in the new normal. Businesses of all sizes prioritised their move to digital workspaces during COVID-19, including remote teamwork, learning and critical cloud infrastructure, with Microsoft’s Chief Executive saying that they’ve seen two years’ worth of digital transformation in two months. Innovative technologies can form the backbone of a workforce’s security foundations by adding layers of technology protection alongside employee tools and security awareness. Solutions can be embedded to prompt users to double-check their emails before a mistake is about to be made, for example, mitigating the risk of accidental data loss.

Additionally, security awareness training within businesses has become a security necessity. Without peer review or IT supervision, organisations need their users to be empowered to make good security decisions. Rather than a once-a-year cyber awareness course – often used to tick a compliance box – today’s businesses must invest in ongoing training, phishing simulations and solutions to help their employees make the right decisions – wherever they are working.

This is an important point for channel partners to take on board, as they have the power to ensure their customers’ end users are sufficiently trained in the threat landscape. Have they engaged in phishing penetration testing? Is sending an email to the wrong person an embarrassing mistake or a data breach? These are just some of the key questions MSPs should be asking when they look to fulfil their trusted advisor role. This is an area where partners will see real growth as businesses have woken up to the idea that with the right solutions, they can switch their employees from IT risks to IT assets, and the channel needs to ensure they have the necessary training and tools in place to help their clients make these decisions.

Conclusion

Organisations cannot be expected to stay one step ahead of cybercriminals and adapt to new threats on their own. Within the evolving cybersecurity landscape, it’s essential for businesses, especially SMBs, to find a partner that offers a varied portfolio of security offerings, as well as the knowledge and support, to keep their business data, workforces and networks secure.

By addressing pain points and providing assurance around the security of their working environments, channel partners can build and strengthen their existing relationship with their customers, while recognising the opportunity of additional revenue streams for their businesses. In turn, businesses can feel confident that they have the right technology, education and tools in place to combat the risk of cyberattacks and a trusted partnership they can rely on to keep them secure and agile.

Top five security predictions for 2022

1024 682 Stuart O'Brien

With the COVID-19 pandemic continuing to put businesses and society at risk, Andy Robertson, Head of Enterprise & Cyber Security, at Fujitsu UK&I, has laid out his top five predictions for 2022…

In these unprecedented times, organisations have needed to vastly adapt their security processes to the new ways of working and living. But just because the current security defences are able to withstand attackers now, that doesn’t mean cyber criminals won’t strike again in the future. Cyber criminals are always developing unique tactics to find and exploit new weaknesses.

As the UK still faces the COVID-19 pandemic, businesses are facing a hacking epidemic. For example, The National Cyber Security Centre’s (NCSC) 2021 annual review found that there were three times as many ransomware attacks in the first quarter of 2021 than in the whole of 2019. Current remote working practices have significantly changed the securitylandscape, but the need to keep everything connected and secure hasn’t changed. Businesses need to focus on embedding revised security measures right from the start so that their employees can keep operating securely, wherever they are in the world.

As we enter the third year, where the pandemic continues to impact organisations, here are my top five predictions cyber security in the coming 12 months…

  1. Trust will be maintained by Zero Trust Architecture in the hybrid working world  

2020 and the early part of 2021 were all about remote working. Moving into 2022, I expect to see more organisations embrace and establish hybrid working as the norm. New data from Glint reveals that 87% of employees would prefer to stay remote at least half of the time, even after it was safe to return to their workplace.

As organisations adapt to different working patterns and locations, this fairly new hybrid working approach introduces new security risks. A login from a remote location late at night – once considered suspicious – is now a much more common occurrence as hybrid workers balance work and life priorities.

To help reduce the risks and the burden of monitoring those risks, organisations should consider implementing a Zero Trust approach. It’s a remarkably simple concept. Businesses must assume that there will be a breach, that anything can be compromised, and that no-one is really who they say they are or is acting responsibly. This does not mean you don’t trust your employees, partners, suppliers, or customers – as people. It’s actually about knowing who they are, what they are doing, what technology they are using, and what level of authorisation they have for each thing they do, every time they do it, wherever they are doing it.

 

This means that data, systems, and equipment are treated equally and securely. It doesn’t matter where they are located, in your network or outside it. Nothing is trusted until you know it can be trusted.

  1. IT and OT cyber security will both be the CISOs concern 

In 2022, Operational Technology (OT) cyber security will be recognised as being as important as IT security for assuring business continuity. The number of large-scale attacks on OTs has grown in volume in 2021 – with 83% of critical infrastructure companies experiencing breaches in the last three years. I expect to see this continue in 2022 as cyber criminals seek to further exploit these potentially vulnerable systems that control critical processes – making them lucrative targets.

IT and OT cyber security will become a greater concern for the CISO as they seek to reduce overall risks for their organisation. The good news is that satisfying the new end-to-end cyber security paradigm brings benefits beyond pure risk mitigation. The cyber security measures an organisation deploys will become a key quality characteristic, which organisations will be required to demonstrate in order to be admitted to digitised supply chains.

CISOs will need to give the same attention to their OT security as they do IT to gain all of these benefits.

  1. True Business Continuity will require greater levels of collaboration and real-time insights

The COVID-19 pandemic reached an unprecedented scale and longevity that rippled through the way organisations operate, communicate, and safeguard against future disruptions. And these weren’t the only factors testing organisations’ continuity plans in the last 2 years. Society also simultaneously experienced civil unrest, wildfires, and hurricanes. This exposed weaknesses in organisations and demonstrated how historically siloed approaches to resiliency put organisations in grave danger. For instance, ransomware hackers targeted three US water facilities in 2021, which is concerning against the backdrop of droughts.

No one had a plan robust enough for 2020. It also prompted volatile and unpredictable market conditions. The pandemic not only demonstrated the interdependence of multiple areas of risk but showed organisations they must be vigilant about all disciplines simultaneously and holistically.

As we move into 2022, I expect to see more uncertainty and volatility that will stretch continuity plans. Organisations that want to build resilience and stability should bring together multiple disciplines such as business continuity, IT continuity/Disaster Recovery, risk management and procurement (supply chain) to collaborate on wider-reaching plans that facilitate real-time decision-making based on data instead of historic trends.

I also expect to see industries collaborating and regulators taking a greater interest in resilience across critical industries. A primary example of this is the operational resilience directive, released by the UK’s financial regulatory bodies, the Financial Conduct Authority (FCA), in partnership with Prudential Regulation Authority (PRA) and the Bank of England (BoE). This directive comes into effect in March 2022 for implementation, with full compliance being required in March 2025.

  1. The strongest form of defence… will come from being attacked 

To build organisational resilience against a rising tide of cyber threats in 2022, organisations will have to learn to think like cyber criminals. Cyber criminals are on the offensive and will always look for ways to exploit any weakness they find, without any regard for law and ethics. They rely on exploiting complacency and organisations focusing on agility at the expense of security.

One of the most critical vulnerabilities to watch out for in the years to come is the open source software Log4j. This vulnerability is currently leading to the compromise of systems and data and will continue to do so in 2022. Attackers will iterate on and develop exploits to target this vulnerability and deploy ransomware and bitcoin miners to successfully compromise systems. Log4j will likely be a target of further scrutiny by attackers and vulnerability researchers looking to identify other weaknesses within the logging utility.

To build the right defences, organisations must learn how to think like a cyber-hacker so that they can close down any gaps that could be exploited. Organisations should embrace attack simulations and wargaming, with a trusted security partner. That way, it will help them set up realistic scenarios, run them, and then learn from the results. A wargame is the simplest and best way to find gaps in your defences. What you learn in action strengthens your ability to avoid needing to take serious action in the future.

Working with security service providers that can deliver Breach & Attack Simulation services helps test the vulnerabilities and see how effective an organisation’s security posture is and where it needs to be strengthened, or even changed completely.

  1. Turning the tide on security alert fatigue

Covid has added to the urgency of many businesses’ migration to the cloud and boosted consumer adoption of cloud services, and that’s set to continue for a long time. One estimate predicts that the cloud computing market size will reach $1.2 trillion by 2028. Increased cloud consumption has been accompanied by an equally rapid increase in the number of threats and alerts from across those platforms.

Inevitably, in 2022 we will see more security alerts which will exacerbate the problem of ‘alert fatigue’ where IT security teams can become overwhelmed and miss the signs of a significant attack. The continuing skills shortage in the cyber industry combined with this fatigue means the organisations will need to think differently and provide greater incentive to explore the use of security automation solutions that can prioritise alerts and even enact pre-defined responses to reduce the burden for security professionals.

  • 1
  • 2