(Gov, Cyber Security Breaches Survey 2017)
The repercussions of cyber-attacks are increasingly severe, with the average attack costing businesses £1,570 as a result of these breaches. Identifying potential threats and securing your company’s system is vitally important in order to avoid damage to productivity & thus, financial losses.
Layered Security Strategy
Modern cyber threats are more numerous and more sophisticated than strands encountered in the past. Lead by ever-increasing rewards, criminals are developing new strands of malware at a pace at which conventional security systems cannot match.
This “arms race” inevitable leads to more sophisticated and new ways in which criminals attempt to infiltrate a system. Methods of attack include Ransomware, Virus, Phishing, social engineering, spoofing, fake Wi-Fi hotspots and many more.
Multiple security solutions are required to deal with the variety of attacks and various entry points of an IT system. There is no “catch all” solution to cyber security, rather a professional and considered approach, putting in place various products & services all with the aim of preventing breach is required.
Our ApproachWe approach cyber security in a multi-faceted way, with prevention being the clear focus at all times. Our work is lead by the belief that organisations can reduce their chances of becoming a victim of cyber-crime by utilising monitoring & industry leading security solutions.
We tackle cyber security using the following approach:
We analyse both a company’s information technology assets and the business solutions used. We identify possible areas of weakness and provide solutions to improve security across the organisation.
Solutions are put into place which make up the pieces of a layered security strategy. This concept is used to reduce the risk of cyber-crime to the organisation.
Using our managed monitoring services, we provide 24/7 monitoring services which are used to identify threats at the earliest possible time.
Early detection of threats leads to a reduction in attack fallout.
Resolve & Restore
Our service desk picks up the incident using our monitoring services. The threat is neutralized and the damage limited. We ensure the company is returned to an operational state by utilising the customized backups that have been set for that company.
The event is analysed and an incident report is created. This report includes recommendations to ensure the event is not repeated.
Cyber Security Audit
We offer two different levels of Cyber Security Audit.
Our entry-level package caters for small businesses, and covers the major security weaknesses that organisations face, such as:
- attack via the Internet;
- appropriate access to data and information (including physical access);
- the status of your software for security updates;
- the strength of your defences against threats like viruses, spam, phishing, and;
- your vulnerability to whaling, which is focussed directly on executives;
This package includes everything in the Standard Package, but goes into greater depth including:
- a review of your service logs for dubious activity;
- a check for adherence to best practice in your local and group policy configuration;
- in conjunction with administrative technicians, perform review the configuration of computers and user accounts, and;
- onsite discussion with stakeholders and executives to review findings;
GDPR (General Data Protection Regulation) – May 2018The General Data Protection Regulation (GDPR) is a new regulation by which the European Union (EU) intends to strengthen and unify data protection for all individuals inside the EU.
It represents the biggest shake up in data protection law in over twenty years. It raises the minimum acceptable level of data protection precautions taken by businesses. This raising of standards will be enforced by significantly higher fines for businesses that fail the test of “implementing appropriate technical and organizational measures” – This means that a sufficient level of cyber security must be evident if a breach occurs.
SME’s will be subject to a fine of up to €10m or two percent of worldwide turnover; or in more serious failures, up to €20m or four percent of worldwide turnover.
GDPR will affect all companies in the UK pre-Brexit and it’s universally accepted that the UK will implement regulations which mirror GDPR in the post EU environment. Thus, ensuring compliance is necessary and not optional.
ECS Computers offer a full IT security audit which will leave you with a report detailing your company’s route to compliance to GDPR from an IT perspective.