New Year Business Guide - brought to you by APL Media •Wednesday 11 January 2023
Your fi les have been encrypted with ransomware
Why your business should adopt a defence-in-depth approach to minimise the eff ects of a malware attack
PICTURE THIS SCENARIO All servers become locked, all admin accounts are seized and the business cannot perform its most core functions. Every minute that ransomware has a hold of your environment is costing you fi nancially and reputationally.
WHAT DO YOU DO? Do you have a plan? Businesses without a plan already in place will be leſt scrambling. The National Cyber Security Centre recommends adopting a defence-in-depth approach to minimise the chances of being hit by malware and to mitigate the damage should it happen.
WHAT DOES A DEFENCE-IN-DEPTH STRATEGY LOOK LIKE? Firstly, it should prevent and protect against any hack occurring; secondly, it should monitor and detect for any attacks as they take place; and thirdly, it should enable a fast response and recovery from an incident should an attacker penetrate your network.
Specifi c actions that businesses
can take to start implementing a defence-in-depth strategy against ransomware attacks include: • Vulnerability Management — Implement a vulnerability management process and run periodic vulnerability scans to ensure technical fi xes are applied before being exploited by hackers.
• Maturity Assessment of Processes, People and Technology — Move from reactive to proactive risk response so you can spend less time on recovery and become an expert at anticipating attacks.
• Penetration Testing — Simulate an attack in a controlled and professional way to determine the damage hackers can do to your environment before they can do it.
• Purple Teaming — All the benefi ts of penetration testing, along with remediation, upskilling, process optimisation and budget optimisation. Identify your weak spots and rapidly deploy defences.
• Governance and Incident Response Planning — Should a cybersecurity incident occur, ensure you have the processes and guidance in place to know how to navigate such a scenario confi dently.
• Visibility and Monitoring of Security Events — Quickly identify and respond to security alerts in your environment to quickly spot and mitigate an attack, should one get through. Security specialists can triage alerts and hunt threats live before they reach your critical systems.
• Cyber Security Consultancy — Consultancy services can provide bespoke solutions to companies with specifi c needs, such as protection during an acquisition process.
Want to protect your business against the
threat of cyber-attacks but
have no idea where to start?
th4ts3cur1ty.company
specialises in making cyber security simple and
affordable for businesses — without the jargon.
Get in touch for more information
T: +44 (0)20 8133 0660 Visit:
th4ts3cur1ty.company
th4ts3cur1ty.company > ADVERTISEMENT FEATURE
How to spot a cyber cowboy selling to your business
As the risk from cyber threats seems to escalate further each year, it’s becoming ever harder for SMEs to keep up and fi nd adequate ways to protect themselves. Without extensive technical knowledge, most are forced to turn to experts for guidance
Unfortunately, some vendors prey on SMEs lack of expertise to fl og them exorbitant solutions that are too complex for them to even use. For example, take security
information and event management
(SIEM) solutions. A SIEM provides real-time analysis of security alerts generated on a network. They log security data and use that to generate reports. Implemented well, they’re an essential security tool.
SIEMs are ubiquitous. A survey
carried out by
th4ts3cur1ty.company found that every respondent had implemented one. The problem? Sixty-fi ve percent of respondents said that they felt they were mis-sold their SIEM solution and 80% felt that the costs outweighed the value. Most were sold solutions too advanced for their organisation, meaning they overpaid for soſt ware they didn’t have the expertise to use.
LOOK OUT FOR VENDORS USING THESE DODGY TACTICS TO AVOID BEING ONE OF THE UNLUCKY ONES: 1. High upfront fees — unreasonably high soſt ware and hardware fees
2. Hidden fees — this may include charging for events per second, pushing up costs as data is collected. There may also be extra fees to store that data and for support as well.
3. Expensive training — many SIEM products are designed with complicated graphical user interfaces that are tricky to use,
forcing customers to pay for expensive training just to use it.
4. Long contracts — once you’ve signed, you’re stuck paying for years with no exit clause.
5. Long set-up — the service doesn’t work out of the box. Instead, the customer must make a considerable investment of time, skill, experience and training to obtain any meaningful results.
6. Fear selling — if you don’t buy our highly advanced solution right now, you’ll be hacked and lose everything. Don’t be fooled by this pressure-selling tactic, most organisations don’t need super advanced soſt ware solutions to safeguard them.
For SMEs looking to implement a SIEM they’ll be satisfi ed with, PocketSIEM aims to demystify the SIEM market by lowering the barriers to entry, making it aff ordable and providing assistance for those without the skills to respond to alerts.
A SIEM provides analysis of security alerts generated on a network. T ey log data and use that to generate reports. Implemented well, they’re an essential security tool
For more information
Visit:
pocketsiem.co.uk T: 0208 133 0660
IT & telecommunications • 13 ADVERTISEMENT FEATURE
PocketSIEM
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20
