O2 crash proves that humans are the weakest link in cyber security

The O2 mobile network failure that took out data access for some 30 million people recently was caused by an expired software certificate.

No programming error, no undiscovered bug, no malicious interference, but one of the most basic systems administration mistakes you can imagine. Someone somewhere just forgot to renew a certificate.
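The control that would have caught this is a routine expiry check on every certificate in service. What follows is an added example, not code from the article or from O2: a small Python monitor, standard library only, that takes the certificate dictionary returned by ssl.SSLSocket.getpeercert(), works out how many days remain and classifies the result. The 30-day warning threshold, the host name and the sample certificate dictionary (shaped like getpeercert() output, not a real certificate) are assumptions constructed for illustration.

```python
"""Certificate-expiry check of the kind that would have caught the O2 outage.

Added example, not from the original article. Uses only the standard
library: ssl.cert_time_to_seconds() parses the notAfter string found in
the dict returned by ssl.SSLSocket.getpeercert().
"""
import socket
import ssl
import time

WARN_DAYS = 30  # assumed threshold: warn when less than 30 days remain


def days_until_expiry(cert, now=None):
    """Days left on a getpeercert()-style dict; negative if already expired."""
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    now = time.time() if now is None else now
    return (not_after - now) / 86400.0


def check_expiry(cert, now=None, warn_days=WARN_DAYS):
    """Return (status, days) where status is 'ok', 'warning' or 'expired'."""
    days = days_until_expiry(cert, now)
    if days < 0:
        return "expired", days
    if days < warn_days:
        return "warning", days
    return "ok", days


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Fetch the leaf certificate presented by host:port over TLS (needs network)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed sample shaped like getpeercert() output; not a real certificate.
SAMPLE_CERT = {
    "subject": ((("commonName", "example.invalid"),),),
    "notBefore": "Dec  1 00:00:00 2018 GMT",
    "notAfter": "Dec 31 00:00:00 2018 GMT",
}
# Fixed "now" (2018-12-06 00:00:00 UTC) so the sample run is reproducible.
SAMPLE_NOW = ssl.cert_time_to_seconds("Dec  6 00:00:00 2018 GMT")

if __name__ == "__main__":
    status, days = check_expiry(SAMPLE_CERT, SAMPLE_NOW)
    name = SAMPLE_CERT["subject"][0][0][1]
    print(f"{name}: {status} ({days:.1f} days left)")
    # For a live host, replace SAMPLE_CERT/SAMPLE_NOW with:
    #   check_expiry(fetch_peer_cert("example.invalid"))
```

Run it from a scheduler against every host and internal service certificate you own, and page on "warning" rather than on "expired": by the time a certificate has expired the outage has already started. Note that getpeercert() only returns the dictionary when the certificate validates against the context's trust store, so an already-expired certificate raises an SSLError from fetch_peer_cert() rather than reaching check_expiry(); treat that exception as "expired" in production.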

As a wise voice once said, there’s no patch for stupidity. And herein lies the great unspoken conundrum at the heart of the digital revolution.

Computers go wrong.

Why? Because they’re designed, manufactured, programmed, configured, secured and operated by the most fallible, unpredictable and unreliable resource in the technology world – people.

Of course, it’s those same people who every day ensure that the IT systems supporting every company and government in the world work mostly as intended, who keep the internet running and protect the vast majority of our personal data.

That’s because people are pretty good at computers these days. But we’ll never be perfect.

The job of running IT systems is becoming increasingly abstracted from the technology – virtualisation, cloud, containers, serverless, orchestration, all these trends aim to remove that human fallibility from everyday tasks. Not forgetting that it still takes another human somewhere to make those technologies work in the first place.

Much as artificial intelligence (AI) and automation are replacing or augmenting corporate jobs, so the IT department will see further dramatic change as more of its responsibilities are taken over by software robots. Of course, those software robots were created and programmed by humans too.

And they aren’t exactly perfect – as the Amazon workers in a New Jersey warehouse found out this week, when a robot accidentally punctured a can of bear repellent, sending 24 staff to hospital.

There is, correctly, much debate about ethics in AI and technology, not least the need to prevent human bias from becoming too infused in the algorithms they rely on.

People outside IT are taking more of an interest in the workings of IT than ever before. It’s fair to assume those non-IT types are pretty fallible too.

The outage was a small reminder of how reliant most of us have become on technology.

When O2 went down, there was much humour taken from the sight of people trying to consult paper maps to find their way around, and attempted insights from those who found a whole new world beyond the smartphone they’d been glued to until then.

For all the great advances of recent decades, it’s going to be a long time before we no longer see headlines screaming “computer crash”. Whether through malice or simple error, human fallibility is a part of our digital future too.

If you want to save yourself stress, money and a damaged reputation from a cyber incident, for cyber security incident prevention, protection and training please ring us now on 01242 521967, email assist@cyber139.com or complete the form on our contact page. Contact Cyber 139.

GCHQ warns of cyber security scams on Black Friday

GCHQ has issued a warning about cyber security scams on Black Friday.

Black Friday sales could be targeted as easy pickings for cyber-crime, according to Cheltenham-based GCHQ.

The National Cyber Security Centre, part of GCHQ, is advising shoppers of the risk of online threats. It is the first such official cyber security warning in the run-up to Christmas.

GCHQ wants to start a “national cyber-chat” today (Black Friday), when billions are spent online. Known for working in secret, the agency wants to be open and engage with the public over the seriousness of the threat.

The National Cyber Security Centre has tackled more than 550 significant cyber incidents over the past year, and has taken down almost 140,000 “phishing” websites.

The National Cyber Security Centre (NCSC) is giving tips for shoppers to avoid cyber-crime – and for the first time it will be publishing answers to questions from the public on Twitter.

The agency recently warned of a serious and sustained threat from elite hackers in other countries, which could include the theft of millions from retailers and attacks on the financial networks the shops depend on.

The British Retail Consortium is backing the calls for better cyber security during the Christmas shopping season, and retailers continue to invest heavily in protecting themselves against cyber-threats.

The National Cyber Security Centre’s advice to reduce the risk of cyber crime is:

  • Install the latest software and app updates
  • Type in a shop’s website address rather than clicking on links in emails
  • Choose strong and separate passwords for accounts
  • Keep an eye on bank accounts for unrecognised payments
  • Avoid over-sharing unnecessary information with shops, even if they ask
  • Make sure all your home gadgets are secure

UK business in the dark on impact of cyber security attacks

UK businesses do not understand the resilience required to withstand cyber security threats, a study shows.

While 99% of UK business leaders believe that making technology resilient to business disruptions is important, only 54% claim their organisation is as resilient as it needs to be, a study has revealed.

In recent years, the security industry has increasingly recognised the importance of focusing on resilience to ensure that when defences are breached, organisations are able to reduce the impact on the business.

A fifth of more than 1,000 UK business decision makers polled by security firm Tanium admitted they would not be able to calculate indirect costs from lost revenue and productivity following a cyber attack.

The Tanium resilience gap study also found several barriers to achieving the resilience that 97% of respondents believe to be important: 38% of respondents named their organisation's growing complexity as one of the biggest barriers to building business resilience, while 21% blamed siloed business units.

Asked about their team and tools, 35% of respondents said the issue lies with hackers being more sophisticated than IT teams, 21% said they do not have the skills within the company to detect breaches accurately in real time, and 27% said poor visibility of entry points is a barrier to resilience.

Business resilience is fundamental to any strategy for long-term growth, yet the findings suggest that many UK businesses still have a long way to go.

The study also revealed gaps in accountability and trust across organisations.

One of the main reasons organisations are unable to achieve business resilience against disruptions such as cyber threats is due to growing confusion internally on where the responsibility for resilience lies.

More than a quarter (28%) believe it should be the responsibility of the CIO or head of IT, the same proportion said every employee should be responsible, while 13% said full responsibility lies with the CEO alone. One in 10 (11%) believe it falls to senior leadership.

Businesses are becoming entirely dependent on their technology platforms. But if that technology stops running, the business will too, with potentially serious consequences for sales, customer confidence, and brand equity, not to mention productivity.

To deliver resilience, a new discipline needs to be instilled across governments and enterprise organisations. This discipline is more than prevention. It’s more than recovery. It’s a shared practice that should unite IT, operations and security teams to ensure strong security fundamentals are embedded across the entire company network. Only then can organisations act and react in real time to threats.

NCSC warns about businesses’ third party cyber security risks

GCHQ’s NCSC warns that third party suppliers may be businesses’ biggest cyber security risk.

Despite spending millions on cyber security enhancements and compliance around the General Data Protection Regulation (GDPR), organisations remain reluctant to address the weakest link in their IT security environment – their supply chain and associated third-party relationships.

A report in October from the UK National Cyber Security Centre revealed that the GCHQ offshoot had stopped almost 1,200 attacks in the past two years and is fighting off around 10 attacks every week.

Third party cyber security risks are significant, and addressing them is challenging.

For larger organisations, procurement decisions are usually made without input from those responsible for cyber security, and such agreements can provide access to critical systems via open application programming interfaces (APIs) and other interaction mechanisms.

Supplier relationships are also hard to manage without a standard process for handling cyber risk when the relationship is an arm’s-length contractual arrangement. Many organisations are still struggling with their internal network security and have not sufficiently considered the risks beyond their own network.

But third party cyber security risk is too significant and too dangerous an issue for board members to continue to overlook.

NIS Directive
Current regulatory initiatives including the Networks and Information Systems (NIS) Directive and GDPR require organisations to take responsibility for ensuring that external suppliers have implemented adequate cyber security measures.

Both NIS and GDPR require notification to the relevant regulator (for GDPR, the Information Commissioner’s Office (ICO)) no later than 72 hours after an organisation becomes aware of a personal data breach or, under NIS, of a cyber incident having a substantial impact on its services.

Many data breaches affecting large organisations occur within a third party service provider. Organisations that do not have the contractual provisions and processes in place with these suppliers to secure the necessary information surrounding the data breach are unlikely to meet the 72-hour deadline.

Missed deadlines and poor or inaccurate information reveal due diligence and contractual failures. These failures increase the risk of a regulatory investigation and significant financial penalties.

But regulatory fines are just the beginning. There are also civil liabilities, as well as loss of consumer trust and investor confidence that result from a cyber breach. Under GDPR, individuals can claim compensation for material and non-material damage.

A data controller is jointly and severally liable for the damage if it was in some way also responsible for a breach due to unlawful processing by a data processor.

To mitigate these risks, organisations that outsource cyber security functions should comprehensively review their third party contractual arrangements and revise their internal procurement processes and procedures to include cyber security assessments. These reviews should, at a minimum, assess, document and monitor these agreements.

Cyber threats are rising in both number and complexity, and attackers are deliberately targeting the supply chain. Recent regulatory approaches under NIS and GDPR require organisations to take an active role in overseeing their third-party providers.

Failure to do so can result in regulatory fines, civil liabilities and reputational loss. Investing human and financial capital now to assess and mitigate risk can help significantly reduce these liabilities, protect an organisation’s reputation and strengthen consumer trust.

Investors target Board Directors for cyber security incidents PT2

Investors are growing concerned that directors are ill prepared for cyber security incidents and technological challenges.

One investor says: “We want the board to be tech savvy, but we wouldn’t just want it to be a tech board. Our fear is they appoint a tech expert but then no one else on the board is engaged. We want to understand the extent to which all the board is competent.”

Earlier this week, British Airways was forced to vow to compensate passengers after it revealed hackers had stolen data relating to about 380,000 customers from its website and mobile app during a two-week period in August. The data included personal and financial details.

Companies ranging from Equifax to JPMorgan Chase have all suffered data breaches in recent years. Meanwhile, large multinationals from Moller-Maersk to Reckitt Benckiser and FedEx were all forced to warn shareholders that the NotPetya cyber attack in 2017 had hurt profits, potentially costing each company hundreds of millions of dollars.

Ovidiu Patrascu, research analyst at Schroders, says it is crucial that companies have well-resourced cyber security teams that should ideally report directly to the highest levels of the organisation.

“As seen in a number of recent high-profile public failures, data breaches often uncover poor governance practices and weak management at the heart of companies, while also hitting their revenues and intangible assets such as reputation and trust,” he says.

“Cyber risk should also not just be the preserve of tech specialists — company boards also need to ensure they understand and can effectively oversee these very particular risks,” he adds.

A 2017 study by the Ponemon Institute, a research centre, found that there had been a 22.7 per cent rise in the cost of cyber security for businesses in just one year. It also found a 27.4 per cent rise in the number of data breaches at businesses, based on 2,182 interviews from 254 companies in seven countries — Australia, France, Germany, Italy, Japan, the UK and the US.

A follow-up study in 2018 found that the average cost of a data breach globally is $3.86m, a 6.4 per cent increase from the 2017 report. It also warned that so-called “mega breaches”, ranging from 1m to 50m records lost, could cost companies between $40m and $350m to deal with.

For many investors, the fact that a huge technology company such as Facebook could suffer a data breach has hit home how vulnerable smaller or less tech-savvy businesses could be. In July, Britain’s Information Commissioner’s Office hit Facebook with its first financial penalty over the data leak to Cambridge Analytica, accusing the social network of breaking the law.

A big investor at a large asset manager says that he wants boards to be able to explain where their key vulnerabilities are and whether they have stress tested the financial impact of tech issues. “We think every board member should be able to speak about this issue. They need to know where they are vulnerable, what the impact could be and how the board would respond,” he adds.

Mr Krefting says he wants the businesses M&G invests in to clearly outline in their reports and accounts what risks they face when it comes to technology and cyber security. “When we talk to companies about this, they often clam up — either because the CEO or chair doesn’t know about it or it is delegated to the chief information officer or someone below the board, or they say this is too sensitive.”

But he adds: “We want policies on governance and structures and how they are approaching cyber. We don’t necessarily need to know how many times they were faced with attempted hacks last week, but we want to see processes and that they are doing testing and that the right controls are in place.”

This article was first published by the Financial Times at https://www.ft.com/content/c70caa94-2d88-3ece-b802-79e9bac2f32c.

Investors target Board Directors for cyber security incidents

Investors are growing concerned that directors are ill prepared for cyber security incidents and technological challenges.

Facebook has been hit with a fine, a slowdown in user growth and a fall in its share price since news of the Cambridge Analytica data scandal broke in March.

In the months since, the social media company’s handling of the scandal — where data was improperly obtained from up to 87m users — has been heavily scrutinised by regulators, politicians and users.

Facebook chief operating officer Sheryl Sandberg last week testified before Congress, facing hours of questioning from the Senate Intelligence Committee. She said the company was “strengthening our defences” against targeted hacking and data collection.

It is also being closely watched by corporate governance specialists at big asset managers who are increasingly concerned that senior management and board directors at listed businesses across the world are ill-prepared for potential data breaches and other technology problems.

“We see cyber security as a key emerging risk,” says Rupert Krefting, head of corporate finance and stewardship at M&G Prudential, which oversees £342 billion in assets. “It is hard for us to judge if management and board directors at listed businesses really do know the technology risks because they are not prepared to talk about it.”

Now a growing number of investors are demanding that directors ensure they are well versed in the technology issues their companies could face.

(Chart: number of cyber data breaches by company type.)

Leon Kamhi, head of responsibility at Hermes Investment Management, says the asset manager is engaging “heavily” on the issue. “Cyber security risk is a big issue,” he says. “IT skills on boards can be really important in order to challenge what a head of IT is doing at the inside. Boards need to be on top of it.”

“We want the board to be tech savvy, but we wouldn’t just want it to be a tech board. Our fear is they appoint a tech expert but then no one else on the board is engaged. We want to understand the extent to which all the board is competent.”

The introduction of stringent European data protection rules earlier this year has also prompted investors to ask tough questions about how well companies are coping with technological changes. The General Data Protection Regulation, which came into effect in the EU in May, has reshaped how companies can collect, use and store personal information. Companies face fines of up to 4 per cent of global turnover or €20m, whichever is greater, if they fall foul of GDPR.

Mr Kamhi says that if companies do not step up on cyber security issues there is a risk they will be hit with even more legislation.

Many investors believe the potential issues companies could face linked to technology are far reaching. As well as being “disrupted” — meaning technological solutions could be developed that upend their business model — companies that hold consumer information are at risk of data breaches. There are also concerns about hacks or cyber attacks which could damage business brands and cost businesses millions of dollars.

Cathay Pacific under fire over breach affecting 9.4 million passengers

Hong Kong-based airline reveals massive data breach of the most sensitive personal data of passengers five months after loss was confirmed

Cathay Pacific is coming under fire for taking months to report a breach of the most sensitive data affecting 9.4 million passengers, including some from its Hong Kong Dragon Airlines division.

Suspicious activity on the airline’s IT systems was discovered in March 2018 and the “unauthorised access” of personal data was confirmed in May, but Cathay Pacific has kept quiet about it until now.

Brian Vecci, technical evangelist at Varonis, said that as insiders and external actors get more sophisticated, organisations must be able to do a better job of detecting suspicious activity quickly and reducing the time it takes to investigate an incident.

Months went by between when this attack was apparently noticed and when investigators figured out sensitive data might have been stolen, and then almost half a year passed before it was announced. That is unacceptable and highlights just how far behind the eight ball most organisations are when it comes to threat hunting and incident response.

The breach exposed 860,000 passport numbers, about 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers without their card verification value (CVV). The airline says no passwords were compromised.

Breached data also includes passenger names, nationalities, dates of birth, telephone numbers, email and physical addresses, passport numbers, identity card numbers and historical travel information – all extremely valuable to cyber criminals for identity theft, phishing and fraud.

Chief executive Rupert Hogg said the company was very sorry for any concern the data security event may cause its passengers.

He said the company had acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cyber security firm and further strengthen its IT security measures.

It is not known whether any EU nationals are among the passengers affected, but the airline could face a stiff fine under the EU’s General Data Protection Regulation (GDPR), which has been in full force since May and requires notification of personal data breaches within 72 hours.

However, in April, the privacy commissioner for personal data in Hong Kong, Stephen Kai-yi Wong, made it clear that Hong Kong-based businesses like Cathay must comply with the GDPR.

Wong said that, as the EU is Hong Kong’s second-largest trading partner, the GDPR’s extra-territorial effect means that as long as Hong Kong businesses collect and process personal data of EU individuals, they should be prepared to comply with the GDPR’s requirements.

Steve Malone, director of security product management at Mimecast, said it is likely that EU citizens were included in a breach of this size and GDPR questions will be asked.

Malone went on to say that once personal information is compromised, cyber criminals can implement highly targeted spear phishing and social engineering attacks, often via impersonation emails against friends or business contacts. These impersonation attacks are now the easiest way for criminals to steal money and valuable data.

Cyber security commentators said the airline industry is a rich source of personal data for cyber criminals and should ensure that extra care is taken in keeping that data safe.

Although several airlines have been targeted in recent months, including British Airways, Delta Airlines and Air Canada, the Cathay Pacific breach stands out because of the number of passengers affected and the combination of extremely sensitive data involved.

Ted McKendall, CTO of Trusted, said the breach makes BA’s breach in September of data belonging to 380,000 passengers look “trivial” by comparison.

What is staggering here is the sheer volume of passengers involved, the nature of the data that has been accessed, and how long it took the airline to alert customers.

There are no details yet of how the breach was executed, but McKendall said he could only assume that the extreme delay between identifying the breach and notifying customers was because the airline was trying to patch its systems first.

Although Cathay Pacific has been quick to assure customers that only a small amount of financial information has been leaked, McKendall said the data that has been leaked is more than unsettling.

McKendall stated that the passport information of passengers on the dark web will have an extremely high price tag. Much of this information – names, dates of birth, email and physical addresses – could be used to conduct further attacks against passengers’ other accounts, as these details are often enough to bypass security.

However, sadly that is not the worst of it. All those seriously affected will have to be on the lookout for identity fraud, and this shows just how serious cyber crime has become. Passengers inherently trust a multitude of companies with their details, but they cannot get those details back once they are taken.
Cyber security criminals outspend businesses in security battles

Cyber security criminals are spending 10 times more money finding weaknesses in the cyber defences of organisations than the organisations they target are spending on protecting against attack.

Research from Carbon Black carried out in August asked 250 UK-based CIOs, CTOs and CISOs about the attacks they faced over the past 12 months.

In total, 92% of UK businesses have had cyber security breaches in the past year, and nearly half of those reported falling victim to multiple breaches (three to five times in the past year).

A total of 82% of respondents said they have experienced more attacks this year than last year. In the financial services sector, 89% said this is the case, while 83% of government organisations and 84% of retailers had also experienced an increase in the number of attacks.

Malware was the most common attack on the UK organisations surveyed, with about 28% experiencing at least one such attempted breach. Ransomware was the next most common, with 17.4% reporting at least one attack.

“Following a global trend, cyber attacks in the UK are becoming more frequent and more sophisticated, as nation state actors and crime syndicates continue to leverage fileless attacks, lateral movement, island hopping and counter incident response in an effort to remain undetected,” said the report. “This issue is compounded by resources and budgeting. Not only is there a major talent deficit in cyber security, there is also a major spending delta.”

The report found that IT leaders believe Russia and China to be the source of the vast majority of cyber attacks, but it identified North America as the starting point for more attacks than Iran and North Korea combined.

Money transfer frauds are top aim of business email cyber attacks

Tricking recipients into transferring money to cyber criminals is the top objective of business email compromise (BEC) attacks. Business email compromise is increasingly popular with cyber criminals for stealing money and information as well as spreading malware, security researchers find.

The second most popular objective is to get the recipient to click on a malicious link aimed at stealing information or spreading malware, according to an analysis of more than 3,000 BEC attacks by Barracuda Networks.

BEC attacks are also known as whaling or CEO fraud because attackers typically compromise the email accounts of CEOs and other top executives so those accounts can be used to send messages to more junior staff members, tricking them into taking some action by impersonating the email account holder.

This tactic is extremely effective in manipulating employees as well as partners and customers of targeted businesses because few organisations have processes in place for checking or verifying instructions ostensibly received from a top executive in an email message sent from a genuine account.
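A mail gateway can at least surface the cases the text describes before a junior employee acts on them. The following is an added example, not code from the article or from Barracuda: a Python screen, standard library only, that applies four cheap checks to an inbound message: an executive's display name on an address that is not the executive's own, a look-alike sender domain, a Reply-To that diverts replies to a different domain (the usual tell when a genuine account has been compromised or spoofed), and a money-movement request in the subject or body. The corporate domain, the executive directory and the three sample messages are constructed for illustration.

```python
"""Heuristic screening of inbound mail for business email compromise.

Added example, not from the article or from Barracuda/Mimecast. The
corporate domain, executive directory and sample messages are constructed.
"""
from email import message_from_string
from email.utils import parseaddr

OUR_DOMAIN = "example.com"                          # assumed corporate domain
EXECUTIVES = {"jane doe": "jane.doe@example.com"}   # assumed executive directory
MONEY_WORDS = ("wire", "transfer", "payment", "bank details", "invoice")


def edit_distance(a, b):
    """Levenshtein distance, used to spot look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(addr):
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def screen_message(raw):
    """Return the list of BEC indicators found in one RFC 5322 message."""
    msg = message_from_string(raw)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_domain = domain_of(from_addr)
    body = msg.get_payload() if not msg.is_multipart() else ""  # single-part text assumed
    indicators = []

    # 1. An executive's name on an address that is not the executive's own.
    exec_addr = EXECUTIVES.get(" ".join(from_name.lower().split()))
    if exec_addr and from_addr.lower() != exec_addr:
        indicators.append("exec_name_on_foreign_address")

    # 2. Look-alike domain: within two edits of ours but not ours (exarnple.com).
    if from_domain != OUR_DOMAIN and 0 < edit_distance(from_domain, OUR_DOMAIN) <= 2:
        indicators.append("lookalike_domain")

    # 3. Reply-To diverts replies away from the sending domain.
    if reply_addr and domain_of(reply_addr) != from_domain:
        indicators.append("reply_to_domain_mismatch")

    # 4. A request to move money or change payment details.
    text = (msg.get("Subject", "") + " " + body).lower()
    if any(word in text for word in MONEY_WORDS):
        indicators.append("money_request")

    return indicators


# Constructed sample messages (not real mail).
SAMPLE_LOOKALIKE = """\
From: Jane Doe <jane.doe@exarnple.com>
To: accounts@example.com
Subject: Urgent wire transfer

Please wire 48,000 to the supplier today. I am in meetings, do not call.
"""

SAMPLE_DIVERTED_REPLY = """\
From: Jane Doe <jane.doe@example.com>
Reply-To: jane.doe.ceo@webmail.invalid
To: finance@example.com
Subject: Acme

Change the bank details on the Acme invoice to the account below and reply to confirm.
"""

SAMPLE_CLEAN = """\
From: Bob Smith <bob.smith@example.com>
To: jane.doe@example.com
Subject: Lunch

Are you free on Thursday?
"""

if __name__ == "__main__":
    for label, raw in (("lookalike", SAMPLE_LOOKALIKE),
                       ("diverted reply", SAMPLE_DIVERTED_REPLY),
                       ("clean", SAMPLE_CLEAN)):
        print(f"{label}: {screen_message(raw) or 'no indicators'}")
```

Two points of design. The Reply-To check matters precisely because of the case the text highlights: when the executive's real account is compromised, the From address, SPF and DKIM all look genuine, and the diverted Reply-To is often the only header-level clue. And none of these indicators should block mail on their own; they are a prompt for the out-of-band verification step (a phone call to a known number) that the text says few organisations have.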

In most cases, cyber criminals focus efforts on employees with access to company finances or payroll data and other personally identifiable information (PII).

The study shows that PII is another top target for BEC attackers, accounting for 12.2% of the attacks studied. Another 12.2% were aimed at establishing a rapport with recipients, which in most cases was followed up with a request for a money transfer.

The effectiveness of this attack method has made it extremely popular with cyber criminals, as is indicated by an 80% increase in the number of BEC attacks in the second quarter of 2018 compared with the first quarter, according to a recent report by email management firm Mimecast.

The Barracuda study reveals that in 46.9% of the cases studied, the objective was to trick employees into transferring business money into accounts controlled by the attackers, while in 40.1% of the cases, the aim was to trick them into clicking on a malicious link.

According to Barracuda, email is the top threat vector facing organisations due to the growing number of email-related threats, which include ransomware, banking trojans, phishing, social engineering, information-stealing malware and spam, as well as BEC attacks.

Not surprisingly, the analysis shows that CEO email accounts are the most commonly impersonated (42.95%), followed by other C-level account holders (4.5%), including the CFO (2.2%), and people in the HR and finance departments (2.2%).

CFOs are among the top recipients of BEC emails, representing 16.9% of recipients in the attacks studied, on a par with the finance and HR departments in general and compared with 10.2% received by other C-level execs.

However, the analysis shows that most recipients of BEC emails are in more junior roles, with 53.7% holding roles outside the C-level, underlining the need for regular, ongoing user awareness training.

If you want to save yourself stress, money and a damaged reputation from a cyber incident with affordable, live systems protection, please ring us now on 01242 521967, email assist@cyber139.com or complete the form on our contact page NOW. Contact Cyber 139

How SMEs can outsource cyber security issues to a Virtual CISO

Top things small businesses (SMEs) should consider when outsourcing cyber security to a Virtual CISO.


Outsourcing cyber security operations to a Virtual CISO (Chief Information Security Officer) is not only possible, but highly attractive – especially in the face of increasing complexity, the continual evolution of the cyber threat and the current shortage of skilled cyber practitioners.

However, there is one thing that SMEs and other businesses cannot do: outsource the associated business risks and regulatory responsibilities, such as those under the General Data Protection Regulation (GDPR).

While Service Level Agreements (SLAs) governing security services will exist, suppliers are unlikely to provide unlimited liability for consequential losses as the result of a cyber attack, or privacy breach.

You therefore need to be able to make judgements on the services you are being provided and make informed decisions on what is sensible to outsource for your business.

At a business level, a CISO will need to retain overall control and management of the organisation’s security policy, disaster recovery, regulatory aspects such as GDPR, and high-level incident and media management, but it would be perfectly feasible to outsource the underlying support – such as the actual incident response and aspects of disaster recovery.

However, a full time CISO may not be affordable for small to medium enterprises (SMEs), so an alternative solution that is growing in popularity is to employ a “Virtual CISO”.

These are skilled and experienced CISOs who can provide independent support, to ensure regulatory requirements are being met and that outsourced providers are fulfilling the necessary service levels, at a fraction of the cost of a full-time employee.

Typical security services that can be outsourced include protective monitoring, vulnerability management, firewall management, antivirus etc. How you decide to outsource may depend on whether you already outsource your IT provision or if you use cloud services.

The current trend amongst SMEs is for cloud-based solutions, as they lower the overhead of having your own IT and security management teams, especially when using storage and software services, because security controls – like patching and back-ups – are included in the subscription.

Deciding what to outsource to a Virtual CISO is often driven by the need for specialist staff (who are currently in high demand), threat knowledge and the practicality of maintaining your own capability.

As an illustration, on occasion you may need an incident response team of several experts covering incident management, computer forensics, network forensics, malware analysis, etc. But having these professionals on the payroll full-time, “just in case”, would be too expensive, assuming you could retain their interest.

Also, effective protection depends on a good level of up-to-date threat intelligence, so unless you have specialists engaged in threat hunting and gathering threat intelligence, it will be difficult to defend your systems. Incident response and security monitoring, closely followed by vulnerability monitoring, are therefore the first things to consider.

Patching, firewall management and access management are more routine, so they may be kept in house, but if this is the case, any protective monitoring provider must be kept aware of the current configuration in order to meet their SLAs.
