Half of UK SMEs spend less than £1,000 on cyber security

Almost 50% of UK small to medium enterprises plan to spend £1,000 or less on cyber security in the next year and 22% do not know how much they will spend, insurance firm Zurich has found.

As many as 875,000 small and medium-sized enterprises (SMEs) in the UK – 16% of the total – have been hit by a cyber attack in the past 12 months, according to the latest Zurich SME Risk Index.

Businesses in London are the worst affected, with almost a quarter (23%) reporting suffering a breach within this period.

Of businesses that were affected, more than one fifth (21%) said it cost them more than £10,000 and one in 10 (11%) said it cost more than £50,000.

Yet despite the volume of attacks and potential losses, the survey of more than 1,000 UK SMEs showed that business leaders are not committing to investing significantly in cyber security in the year ahead.

The survey, by YouGov on behalf of Zurich, found that 49% of SMEs admitted they plan to spend £1,000 or less on their cyber defences in the next 12 months, and almost a quarter (22%) do not know how much they will spend.

The lack of planned investment in cyber defences is also surprising in the light of the fact that business leaders report that strong cyber security is giving them an opportunity to stand out from competitors, with as many as one in 20 claiming to have gained an advantage over a competitor because of stronger cyber security credentials.

This trend is confirmed by a separate survey of SMEs by security e-learning firm CybSafe, which showed that half of SMEs polled have had cyber security conditions included in contracts with enterprise customers in the past five years, and one-third of respondents said they have had their cyber security measures questioned as part of winning contracts in the past year.

Also, 44% said they have been required to hold a recognised cyber security standard, such as ISO 27001, by their enterprise customers in the past five years and 28% in the past year alone, demonstrating a clear trend in enterprise approach to supplier information security.

“While recent cyber attacks have highlighted the importance of cyber security for some of the world’s biggest companies, it is important to remember that small and medium-sized businesses need to protect themselves too,” said Paul Tombs, head of SME proposition at Zurich.

“The survey results suggest that SMEs are not yet heeding the warnings provided by large attacks on global businesses.”

However, Tombs said that although the rate of attacks on SMEs is troubling, it also shows there is an opportunity for businesses with the correct safeguards and procedures in place to use this as a strength and gain an advantage.

In September 2016, a report by Juniper Research revealed that 74% of UK SMEs believed they were safe from cyber attack, despite half of them admitting having suffered a data breach.

The report showed that 86% of the SMEs surveyed thought they were doing enough to counter the effects of cyber attacks, and 27% believed they were safe from attack because they were small and of no interest to cyber criminals.

So if you want to save yourself stress, money and a damaged reputation from a cyber incident, please ring us now on 01242 521967, email [email protected] or complete the form on our contact page NOW. Contact Cyber 139

Defence minister opens £3m cyber security centre in

UK minister for defence procurement has opened a new cyber security centre aimed at boosting UK cyber defence capability and skills.

The Cyber Works centre, which employs 90 people, will enable Lockheed Martin to work more closely with UK partners to share knowledge and best practice, undertake research and develop new cyber defence capabilities.

In February 2017, Lockheed Martin announced that it would support the UK government’s CyberFirst scheme to inspire and support young people considering roles in cyber security.

The Cyber Works centre is designed to deliver cyber capabilities to UK government as well as support the development of skills and careers in cyber security and intelligence.

Harriett Baldwin, UK minister for defence procurement, said that with its £1.9 billion National Cyber Security Strategy, the country is a world leader in the field.

“The opening of today’s cutting-edge centre is a great example of how partnerships with industry are at the heart of that strategy,” she said. “Together, we are developing solutions to national security risks.”

A key part of the Cyber Security Strategy is partnerships with industry, with £10 million being invested in a new Cyber Innovation Fund to give startups the boost and partners they need.

Baldwin said the UK is already leading Nato in its support for offensive and defensive operations in the fight against Islamic State (IS) and complex cyber threats. “This centre will further boost the UK’s cyber capabilities,” she said.

Lockheed Martin is the world’s largest aerospace and defence company and a longstanding leader in the fields of cyber security and intelligence.

The company pioneered the development of the cyber kill chain, an analysis method for cyber network defence that has been broadly adopted across industries and sectors.

Lockheed Martin is also a top provider of capabilities to defence and intelligence communities around the world and operates facilities to defend its own networks across 70 countries.

As well as investing in the new facility, Lockheed Martin plans to take part in the National Cyber Security Centre’s £6.5 million CyberInvest scheme to support cutting-edge cyber security research in the UK.

With National Offensive Cyber Planning allowing the UK to integrate cyber into all of its military operations, defence plays a key role in the country’s cyber security strategy, according to the Ministry of Defence (MoD).

Offensive cyber is being routinely used in the war against IS, not only in Iraq but also in the campaign to liberate Raqqa and other towns on the Euphrates, the MoD said.

In defence, the MoD said the £800m Innovation Initiative has already boosted investment in UK research and business, with multimillion-pound competitions to develop artificial intelligence and automated systems.

In January next year, the ministry will open a dedicated state-of-the-art Defence Cyber School at Shrivenham, bringing together all military joint cyber training into one place.

The MoD also has a key role to play in contributing to a culture of resilience, which is why the Defence Cyber Partnership Programme was set up to ensure its industrial partners protect themselves and meet robust cyber security standards, the ministry said.

UK firms still relying on perimeter defences for cyber security

Despite the increasing number of data breaches, many companies are still relying on perimeter defences and are underinvesting in technologies to keep data safe.

Some 96% of UK businesses feel as though their network perimeter security is effective at keeping unauthorised users out of their network, according to the fourth-annual Gemalto Data Security Confidence Index.

The global ransomware attack in May 2017 affected more than 200,000 computers in over 150 countries, including in the UK where the NHS was forced to restrict operations and turn away patients.

Across the 10 global regions surveyed, 94% of the more than 1,000 IT professionals said perimeter security is effective, but only 35% said they were extremely confident their data would be secure if perimeter defences were breached.

However, the survey also revealed that 46% of UK businesses are only protecting their customers’ data with passwords, and when considering their latest data breaches, 75% of the data stolen from businesses on average was not encrypted, with 11% of businesses not encrypting any of their data.

“As a security professional, it feels like I’ve been saying forever that basic perimeter security measures are no longer enough,” said Joe Pindar, director of data protection product strategy at Gemalto.

“So it’s worrying to see the UK is continuing to place ultimate faith in these systems, without thinking about what attackers actually want – their data,” he said.

“Without a switch in mentality, and starting to protect the data at its source with robust encryption and two-factor authentication, the UK is like one of the three little pigs.

“Unfortunately, the one sitting in the straw house – not realising that when the time comes, passwords and perimeter security alone will not stand up to attackers,” he said.

The Gemalto report notes that many businesses are continuing to prioritise perimeter security without realising it is largely ineffective against sophisticated cyber attacks.

According to the research findings, 76% of global respondents said their organisation had increased investment in perimeter security technologies such as firewalls, intrusion detection and prevention, antivirus, content filtering, and anomaly detection to protect against external attackers.

Despite this investment, 68% believe unauthorised users could access their network, rendering their perimeter security ineffective.

These findings suggest a lack of confidence in the solutions used, especially when over a quarter (28%) of organisations polled have suffered perimeter security breaches in the past 12 months. The reality of the situation worsens when considering that, on average, only 8% of data breached was encrypted.

Businesses’ confidence is further undermined by over half of respondents (55%) not knowing where their sensitive data is stored. In addition, over a third of businesses do not encrypt valuable information such as payment (32%) or customer (35%) data.

According to the Gemalto report, this means that, should the data be stolen, a hacker would have full access to this information, and could use it for crimes including identify theft, financial fraud or ransomware.

“It is clear there is a divide between organisations’ perceptions of the effectiveness of perimeter security and the reality,” said Jason Hart, vice-president and chief technology officer for data protection at Gemalto.

“By believing that their data is already secure, businesses are failing to prioritise the measures necessary to protect their data, which is a company’s most valuable asset,” he said, adding that it is important to focus on protecting this resource. “Otherwise, reality will inevitably bite those that fail to do so.”

Major cyber incidents accelerating, says NCSC

The UK is seeing an acceleration in major cyber security incidents, according to the country’s cyber security protection agency.

In the eight months since inception, the UK’s National Cyber Security Centre (NCSC) has recorded 480 major cyber incidents requiring its attention.

However, there has been a big rise in these types of incidents in the past few months, in part due to an improved ability to spot them and a greater willingness to report them, according to John Noble, director of incident management at the NCSC.

“This increase in major attacks is mainly being driven by the fact that cyber attack tools are becoming more readily available, in combination with a growing willingness to use them,” he told The Cyber Security Summit in London.

Although the WannaCry ransomware attacks in May 2017 came very close, Noble said there had been no C1-level national cyber security incidents to date.

The majority of the major incidents the NCSC has dealt with were C3-level attacks, typically confined to single organisations. These account for 451 incidents to date.

The remaining 29 major incidents were C2-level attacks, significant attacks that typically require a cross-government response.

Across these nearly 500 incidents, Noble said there were five common themes or lessons to be learned.

1. There is still a need for organisations to get the basics right

“We are still seeing organisations that are not getting the basics right, like software security patching, antivirus updating and putting in basic protections and controls for system administrators, who are typically big targets for attackers to steal their credentials,” said Noble.

2. Failure to get the balance right between usability and security

“In the vast majority of incidents we see, victim organisations have got this balance wrong, leaning too far in the direction of convenience and usability leading to things like logging being turned off to optimise performance,” said Noble.

“The decision-making around where to strike that balance is typically confused because of the complexity of the enterprises being defended, and because of a lack of understanding about what they are trying to prevent and which data really matters,” he said.

3. Legacy systems and equipment

The existence of legacy systems and equipment in the enterprise presents opportunities to attackers, said Noble. “Often, when we investigate incidents, we find it is in the legacy systems that the compromise has begun,” he said.

4. Outsourcing

“In early 2017, we reported on a major compromise of managed service providers, which provide a tremendous opportunity for bad actors,” said Noble, alluding to Operation Cloud Hopper that was uncovered in April.

“MSPs enable attackers to obtain security credentials in one country, traverse across their network, and then compromise a company or series of companies in another country, and exfiltrate the data through a third country,” he said.

In response, Noble said the NCSC had published a list of questions organisations should ask their MSPs in terms of security.

“Similarly, organisations need to understand the security implications of their supply chains, who they are connecting up to, and what risks are involved,” he said.

5. Mergers and acquisitions

In mergers and acquisition, cyber security is often overlooked in the due diligence process, said Noble. “As a result, the cyber risk is not understood and not addressed effectively,” he said.

UK needs urgent response to online fraud, says NAO

Online fraud is the most common crime in England and Wales and needs an urgent response according to the Parliament’s public spending watchdog.

While tackling online fraud is complex, the Home Office’s response is not proportionate to the threat, according to the National Audit Office (NAO).

Although the City of London Police is the national lead force for online fraud and runs the Action Fraud national centre for reporting fraud, police and crime commissioners and chief constables are responsible for policing in their local areas.

Despite the fact the face of crime is changing, the NAO’s report said police forces take different approaches to tackling online fraud and for some it is not a priority. Only 27 out of 41 police and crime commissioners refer to online fraud in their most recent annual police and crime plans.

“For too long, as a low value but high volume crime, online fraud has been overlooked by government, law enforcement and industry,” said Amyas Morse, head of the National Audit Office.

“It is now the most commonly experienced crime in England and Wales and demands an urgent response. While the Home Office is not solely responsible for reducing and preventing online fraud, it is the only body that can oversee the system and lead change.

“The launch of the Joint Fraud Taskforce in February 2016 was a positive step, but there is still much work to be done. At this stage, it is hard to judge that the response to online fraud is proportionate, efficient or effective,” he said.

In the year ending 30 September 2016, the Office for National Statistics (ONS) estimated that there were 1.9 million incidents of cyber-related fraud in England and Wales, or 16% of all estimated crime incidents.

Online fraud includes criminals accessing citizens’ and businesses’ bank accounts, using their plastic card details, or tricking them into transferring money.

“Hidden” crimes require new and different responses yet, despite the level of economic crime, statistics suggest police forces remain more focused on traditional crimes, the report said, highlighting that in 2016, one in six police officers’ main function was neighbourhood policing, while only one in 150 police officers’ main function was economic crime.

According to the NAO, the Joint Fraud Taskforce set up by the Home Office to raise awareness of online fraud, reduce card-not-present fraud and return money to fraud victims is a positive step. But the report said the Home Office faces a challenge in influencing other partners, such as banks and law enforcement bodies, to take on responsibility for preventing and reducing fraud. The report said £130m is held in banks that cannot accurately be traced back and returned to fraud victims.

In addition, without accurate data, the report said the Home Office does not know whether its response is sufficient or adequate.

Measuring the impact of campaigns and the contribution government makes to improving online behaviours is challenging, according to the NAO.

According to the NAO, the growing scale of online fraud suggests that many people are still not aware of the risks and that there is much to do to change behaviour. In addition, the report said that different organisations running campaigns, with slightly different messages, can confuse the public and reduce the campaigns’ impact.

While educating consumers is sensible, the NAO said government and industry still have a responsibility to protect citizens and businesses. The report said the protection banks provide varies, with some investing more than others in educating customers and improving their anti-fraud technology. The ways banks work together in responding to scams also needs to improve.

Although there are examples of good practice in protecting people against online fraud, such as Sussex Police’s initiative to help bodies such as banks and charities identify potential victims, the NAO said there is no clear mechanism for identifying, developing and sharing good practice to prevent people becoming victims.

The government wants the police and judiciary to make greater use of existing laws, but the NAO found that stakeholders had mixed views on the adequacy of current legislation. The international and hidden nature of online fraud makes it difficult to pursue and prosecute criminals because of the need for international co-operation and an ability to take action across borders, the report said.

Key lessons from Petya cyber security ransomware attack

The recent Petya cyber security attack does not follow other recent attacks.

Security researchers are struggling to reach consensus on whether the ransomware responsible for the latest global attacks is a new version of Petya or not, and even whether it was true ransomware, but what they have learned so far could help guide security strategies.

Those in support of retaining the Petya name point out that it essentially behaves in exactly the same way because it is designed to:

Encrypt files on disk without changing the file extension.
Forcibly reboot the machine upon infection.
Encrypt the Master Boot Record on affected machines.
Present a fake CHKDSK screen as a cover for the encryption process.
Present a near-identical ransom demand screen after completing its activities.

According to the latest update on the malware, Kaspersky Lab says code analysis has revealed it is technically impossible to decrypt victims’ disks.

To decrypt a victim’s disk threat actors need the installation ID, and in previous versions of “similar” ransomware like Petya/Mischa/GoldenEye, this installation ID contained the information necessary for key recovery, researchers at the security firm said.

However, they found the new malware – which they have dubbed ExPetr – does not have any such recovery mechanism, which means the threat actor could not extract the necessary information needed for decryption.

In short, victims could not recover their data even if they paid the ransom, the researchers said, which again calls into question the motive behind the malware.

This discovery not only further endorses the security community’s earlier advice not to pay the ransom, but also raises further questions about the true purpose of the malware and is likely to fuel further speculation that it may have been intended purely as a means to cause disruption or to mask some other malicious activity.

This view is supported by the latest statement from the UK National Cyber Security Centre (NCSC) that while managing the impact to the UK of the incident, the NCSC’s experts have found evidence that questions initial judgements that the intention was to collect a ransom. “We are investigating with the NCA and industry whether the intent was to disrupt rather than for any financial gain,” the NCSC said.

Whatever the true purpose, analysis of the malware has confirmed some of the lessons learned from WannaCry and added others which organisations should consider in order to improve their cyber defence capabilities against future threats.

The key lessons from the cyber security attack that have emerged so far are:

1. Having the latest versions of software and ensuring they are patched up to date will go a long way in reducing organisations’ vulnerability to cyber attack.

2. Malware is increasingly using legitimate tools for malicious activity to go undetected. In the case of ExPetr, two common Windows administrative tools, Windows Management Instrumentation Command-line (WMIC) and PsExec were used.

3. Malware is hijacking software updating mechanisms to spread malware, and is likely to use this technique increasingly in future.

4. An appropriate and well-tested backup and recovery plan for critical systems and data will go a long way to mitigating the effects of ransomware and other malware attacks, regardless of its particular characteristics.

5. Malware is abusing security tools to discover usernames and passwords, which means organisations should ensure they have appropriate systems and procedures in place to prevent credential abuse.

ExPetr uses the publicly available Mimikatz tool to obtain the credentials of all Windows users in plaintext, including local administrators and domain users, to spread itself on local networks. You can find more details at: https://github.com/gentilkiwi/mimikatz

Victims of latest global ransomware attack urged not to pay

Victims of the latest global ransomware attack are urged not to pay, while some researchers claim to have found a local kill switch or vaccine.

The new ransomware, dubbed ExPetr by Kaspersky Lab, has been linked to Petya, because, like that family of ransomware, it also attempts to encrypt the hard drive’s master boot record (MBR), locking victims out of their computer – not just files.

Security researchers have also highlighted that, for propagation, ExPetr is not relying only on the EternalBlue exploit that targets a known vulnerability in the server message block protocol in Microsoft Windows.

ExPetr is also being spread using the EternalRomance exploit targeting Windows XP to 2008 systems over TCP port 445 and through abuse of legitimate command line tools PsExec and Windows Management Instrumentation Command-line (WMIC).

The ransomware also uses the publicly available Mimikatz tool to obtain the credentials of all Windows users in plaintext, including local administrators and domain users.

This means computers may still be vulnerable even if the Microsoft patches for the EternalBlue and EternalRomance exploits have been applied. Those exploits are believed to have been developed by the NSA and subsequently stolen and leaked by the ShadowBrokers hacking group.

However, the immediate application of the Microsoft patches is still advised for any unpatched machines.

In light of the fact that the attackers’ email account for accepting ransom payments has been shut down, victims are also advised not to pay the $300 ransom as it is unlikely they will receive a key for decrypting affected files.

Security researchers monitoring the bitcoin wallet associated with the ransomware report that a few hours after the attack began, the wallet began receiving funds, indicating some victims were willing to pay almost immediately. However, only about 26 victims are believed to have paid on the first day.

To prevent the ransomware from spreading in the network, it is recommended to turn off computers that have not been infected, disconnect the infected hosts from the network, and make images of the compromised systems.

This approach could be useful for restoring data, the firm said, if researchers find a way to decrypt the files. In addition, these images can be used to analyse the ransomware.

Researchers at the firm also claim to have found a kill switch to disable the ransomware locally.

The researchers found that the ransomware checks if the perfc file is present in the C:\Windows\ folder before executing. They suggest creating a file with the correct name in this folder can prevent the substitution of the MBR and further encryption. Similarly, other researchers have suggested that blocking C:\Windows\perfc.dat from writing or executing could halt the ransomware.

Anti-ransomware recommendation for businesses

Use the Windows AppLocker feature to disable the execution of any files that carry the name “perfc.dat” as well as the PSExec utility from the Sysinternals Suite.
Isolate infected endpoints as soon as possible.
Use the indicators of compromise to update security systems.
Develop a system of regular training courses for employees to increase their awareness of information security issues by demonstrating practical examples of potential attacks on the company’s infrastructure.
Install antimalware software with self-protection that requires a special password for disabling or changing its settings.
Ensure regular updates of software and operating systems on all hosts of the corporate infrastructure, as well as an effective process of managing vulnerabilities and updates.
Conduct regular information security audits and penetration testing to allow timely detection of existing deficiencies in protection and vulnerabilities.
Monitor the corporate network perimeter to control network service interfaces accessible from the internet and correct the configuration of firewalls in a timely manner.
Monitor the internal network to detect and eliminate an attack that has already occurred.

To apply this local kill switch or vaccine, administrators need to locate the C:\Windows\ folder and create a file named perfc, with no extension name.
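The following PowerShell script is an added example of the vaccine procedure just described; it is not code from the original article or from any of the researchers it cites. It creates an empty, read-only file named perfc (no extension) in the Windows folder, and a read-only perfc.dat alongside it, then verifies both. The function and parameter names are this example's own, and it assumes $env:WINDIR resolves to C:\Windows and that the session is elevated, since creating files in that folder requires administrator rights.

```powershell
#Requires -RunAsAdministrator
<#
  Added example, not code from the original article or from any vendor cited in it.
  Implements the local "vaccine" described above: an empty, read-only file named
  perfc (no extension) in the Windows folder, plus a read-only perfc.dat, which the
  article says should be blocked from writing or executing. Assumptions: the
  function and parameter names are this example's own; $env:WINDIR is C:\Windows;
  the session is elevated, since creating files in C:\Windows needs admin rights.
#>
function Install-PerfcVaccine {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]$WindowsDir = $env:WINDIR,
        [string[]]$Names = @('perfc', 'perfc.dat')
    )
    foreach ($name in $Names) {
        $path = Join-Path -Path $WindowsDir -ChildPath $name
        if (Test-Path -LiteralPath $path) {
            # Leave an existing file's contents alone (it may already be a vaccine);
            # only make sure it cannot be overwritten casually.
            $status = 'already present'
        }
        elseif ($PSCmdlet.ShouldProcess($path, 'Create empty vaccine file')) {
            New-Item -ItemType File -Path $path | Out-Null
            $status = 'created'
        }
        else {
            $status = 'skipped (WhatIf)'
        }
        if (Test-Path -LiteralPath $path) {
            # The malware only tests for the file's presence, so an empty file is
            # enough; the read-only attribute stops it being trivially replaced.
            Set-ItemProperty -LiteralPath $path -Name IsReadOnly -Value $true
        }
        [pscustomobject]@{
            Path     = $path
            Status   = $status
            ReadOnly = (Test-Path -LiteralPath $path) -and (Get-Item -LiteralPath $path).IsReadOnly
        }
    }
}

function Test-PerfcVaccine {
    # Returns $true only when every vaccine file exists and is read-only.
    param(
        [string]$WindowsDir = $env:WINDIR,
        [string[]]$Names = @('perfc', 'perfc.dat')
    )
    foreach ($name in $Names) {
        $path = Join-Path -Path $WindowsDir -ChildPath $name
        if (-not (Test-Path -LiteralPath $path)) { return $false }
        if (-not (Get-Item -LiteralPath $path).IsReadOnly) { return $false }
    }
    return $true
}

Install-PerfcVaccine | Format-Table -AutoSize
"Vaccine files in place and read-only: $(Test-PerfcVaccine)"
```

Run it once per host from an elevated prompt (add -WhatIf to Install-PerfcVaccine to preview the changes). The read-only attribute is a convenience, not a security boundary: an AppLocker or file-permission rule, as the recommendations above suggest, is the stronger control, and the vaccine only defeats this one sample's check, so the patching, backup and isolation steps in the list still apply.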

According to Kaspersky Lab, around 2,000 machines had been hit by the ransomware by the end of the first day of attacks, which appears to indicate ExPetr is spreading much more slowly than WannaCry.

Code analysis showed that the new ransomware does not attempt to spread itself beyond the network it is placed on, leading several experts to predict the attack will not spread significantly further than it did on the first day unless it is modified.

Known victims of the ransomware include Ukraine’s central bank, Ukrainian electricity supplier Ukrenergo, the Chernobyl nuclear power plant, airport and metro services throughout Ukraine, UK advertising firm WPP, US-based pharmaceutical company Merck, multinational law firm DLA Piper, Danish shipping company A.P. Moller-Maersk, Russian oil company Rosneft, Pennsylvania hospital operator Heritage Valley Health System, Netherlands-based shipping company TNT and French construction materials company Saint-Gobain.

UK’s Parliament suffered cyber security attack over the weekend.

Both Houses of Parliament sustained a determined cyber security attack on their networks.

Remote access to the accounts of parliamentary network users was suspended on Saturday 24 June after unauthorised access attempts were detected.

This meant MPs and other staff were unable to access their accounts remotely, but IT services within the parliament building continued to function normally.

Parliament said in a statement on Sunday that the parliamentary network and systems had been protected from the attack to ensure the Houses’ business could continue.

Although investigations are ongoing, the statement said that “significantly fewer” than 90 of the 9,000 accounts on the parliamentary network had been compromised as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service.

“As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way,” the statement said, adding that Parliament was putting plans in place to resume its wider IT services.

In an email to parliamentary network account holders late on Friday, Rob Greig, director of the Parliamentary Digital Service, said unusual activity and evidence of an attempted cyber attack had been discovered earlier in the day.

“Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords,” he said. “These attempts were specifically trying to gain access to users’ emails.”

Although the Parliamentary Digital Service was able to detect the unusual activity indicating that an attempted cyber attack was under way and took swift action to limit the potential impact by temporarily shutting down remote access to the network, it is unclear why password guidance was not enforced properly.

The statement issued by Parliament appears to blame account holders for not following official password guidelines, but it also uncovers the fact that there is no mechanism for enforcing the password policy.

UK security services believe the attack is more likely to be state sponsored than carried out by a group of hackers, according to a report that cited an unnamed security source as saying it was a brute force attack that appeared to be state sponsored.

The incident comes just days after it emerged that the passwords and email addresses of MPs, parliamentary staff, diplomats and senior police officers had been sold, bartered and then made available for free on Russian-speaking hacking forums.

The Guardian reported that the Russian government was the top suspect in the parliamentary attack, but the paper’s source also said it was “notoriously difficult” to attribute an incident to a specific actor, and security commentators have said it is too early to say who was responsible.

“Such an attack is very simple and cheap to organise, and virtually any teenager could be behind it,” said Ilia Kolochenko, CEO of web security company High-Tech Bridge.

“I would abstain from blaming any state-sponsored hacking groups because with such an unacceptably low level of security, they have likely already been reading all emails for many years without leaving a trace.”

Kolochenko said this incident highlighted once again that cyber security fundamentals were being ignored even by the governments of leading countries.

“Today, two-factor authentication, advanced IP filtering and anomalies detection systems are a must-have for critical systems accessible from the internet,” he said.

“Strict password policies and regular audits for weak and non-compliant passwords are also vital for corporate security. However, apparently, none of these simple but efficient security controls were properly implemented.”
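As an added example of the anomaly detection Kolochenko refers to (not code from the article or from any organisation it mentions), the Python below flags a source that fails logins against many distinct accounts in a short window, the “all parliamentary user accounts” pattern Greig described, and lists any account that then authenticated successfully from that source so it can be contacted. The log line format, field names and every sample value are constructed for this example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log (not from the incident); the line format is assumed.
SAMPLE_LOG = """\
2017-06-23T10:00:01Z LOGIN_FAILED user=mp.alice src=203.0.113.5
2017-06-23T10:00:02Z LOGIN_FAILED user=mp.bob src=203.0.113.5
2017-06-23T10:00:03Z LOGIN_FAILED user=mp.carol src=203.0.113.5
2017-06-23T10:00:04Z LOGIN_FAILED user=staff.dave src=203.0.113.5
2017-06-23T10:00:05Z LOGIN_FAILED user=staff.erin src=203.0.113.5
2017-06-23T10:00:06Z LOGIN_OK user=staff.erin src=203.0.113.5
2017-06-23T10:01:00Z LOGIN_FAILED user=mp.alice src=198.51.100.7
2017-06-23T10:01:30Z LOGIN_OK user=mp.alice src=198.51.100.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>LOGIN_FAILED|LOGIN_OK) user=(?P<user>\S+) src=(?P<src>\S+)$")

def parse_log(text):
    """Yield (timestamp, event, user, src) tuples, skipping malformed lines."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
            yield ts, m["event"], m["user"], m["src"]

def detect_spray(events, window=timedelta(minutes=10), min_accounts=5):
    """Return (spraying_sources, at_risk_accounts): a source is flagged when its
    failures hit >= min_accounts distinct accounts within `window`; accounts that
    then logged in successfully from a flagged source are listed for follow-up."""
    failures = defaultdict(list)   # src -> [(ts, user), ...]
    successes = defaultdict(set)   # src -> {user, ...}
    for ts, event, user, src in events:
        if event == "LOGIN_FAILED":
            failures[src].append((ts, user))
        else:
            successes[src].add(user)
    flagged = set()
    for src, attempts in failures.items():
        attempts.sort()
        start = 0
        for end, (ts_end, _) in enumerate(attempts):
            while ts_end - attempts[start][0] > window:   # slide window forward
                start += 1
            if len({u for _, u in attempts[start:end + 1]}) >= min_accounts:
                flagged.add(src)   # many accounts, one source: spray pattern
                break
    at_risk = {u for src in flagged for u in successes.get(src, ())}
    return sorted(flagged), sorted(at_risk)
```

A single legitimate user mistyping one password (198.51.100.7 above) is not flagged, which is the point of counting distinct accounts rather than raw failures; an attacker spreading attempts over many source addresses would need grouping by network or by account instead of by single source.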

So if you want to save yourself stress, money and a damaged reputation from a cyber incident please ring us now on 01242 521967 or email [email protected] or complete the form on our contact page NOW.

Queen’s Speech praised for certainty on data protection

The Queen’s Speech has been praised for removing any doubt about the UK’s commitment to data protection.

The government has promised a new data protection law aimed at incorporating the EU General Data Protection Regulation (GDPR) into UK law.

This is a significant move that will provide businesses with certainty on the UK’s intention to meet the obligations of the GDPR.

The UK has long been a world leader in data protection. We have one of the strongest regulatory frameworks in the world and our system is highly respected. We can now build on these foundations to ensure the country continues to be a real destination for data-driven business post-Brexit.

Although the GDPR has been finalised and will come into effect in May 2018, it gives EU member states some leeway to introduce their own optional exceptions in areas such as crime prevention, and also to add their own provisions in areas such as staff data processing.

Countries such as Germany have already started this process, so it is in the UK’s interests that the government follows suit and gives businesses some certainty as soon as possible, given the high fines which will apply in this area in less than 12 months’ time.

While the GDPR will be incorporated into UK law post-Brexit, the proposed bill adds additional safeguards, including overhauling the powers of law enforcement and the powers of the information commissioner.

If the government is serious about making the UK the safest country in the world to be an online user, this legislation is another step towards that goal.

Establishing a world class data protection regime

Peter Carlisle, vice-president for Europe at Thales e-Security, said it was encouraging to see that the UK government will be placing a greater emphasis on establishing a world-class data protection regime.

“The greater the volumes of data accessible online, the greater the potential for exposure and the increased chance of hackers taking advantage of systems that some have thought impregnable,” he said. “Ensuring that both individuals and businesses have as much control as possible over where and how their data is used is critical to the UK’s broader cyber security strategy.”

Beaming, a specialist business internet service provider also welcomed the government’s commitment to improving cyber security.

“Cyber security breaches cost businesses almost £30 billion last year, and small firms in particular are accelerating investment in security technologies to protect themselves and their customers from threats online,” said Sonia Blizzard, managing director of Beaming.

“Making the UK the best place to start and run a digital business requires far more than a commitment to boosting security,” she said. “As customer expectations and data usage grow, factors such as speed and service resilience become ever more important, so it is vital that the Conservatives keep their manifesto pledge to accelerate rollout of the full-fibre technology that will improve service across the country and establish the clear path to national fibre coverage they’ve promised over the next decade.”

Research conducted for Beaming earlier this year revealed that UK businesses were subjected to almost 230,000 cyber attacks each during 2016, on average; that 52% of UK businesses fell victim to some form of cyber crime in 2016, at a cost of £29.1bn; that viruses and phishing attacks were the most common corporate cyber threats, affecting 23% of the businesses surveyed; and that just under a fifth of firms suffered some form of hack or data breach in 2016.

Europe faces shortage of 350,000 cyber security professionals by 2022

European companies are expected to go on the world’s biggest cyber security hiring spree in the next 12 months, driving demand for cyber talent that will far outstrip supply, a report has revealed.

Nearly 40% of European firms want to grow their cyber security teams by at least 15% in the next year, according to the latest report based on the 2017 Global Information Security Workforce Study.

The study, commissioned by information security certification body (ISC)2, is based on a survey of 19,000 cyber security professionals around the world, including nearly 3,700 respondents in Europe.

Although European organisations have the most ambitious hiring targets in the world, two thirds say they currently have too few cyber security professionals.

Europe faces a projected skills gap of 350,000 workers by 2022, according to the report, which calls for employers to do more to embrace newcomers and a changing workforce.

The study revealed that 92% of hiring managers admit they prioritise previous cyber security experience when choosing candidates, and that most recruitment comes from their own professional networks.

Hiring managers also admitted that they are relying on their social and professional networks (48%), followed closely by their organisation’s HR department (47%), as their primary source of recruitment.

Globally, the report shows that strong recruitment targets, a shortage of talent, and disincentives to invest in training are contributing to the skills shortage, with 70% of employers around the world looking to increase the size of their cyber security staff this year.

The demand is set against a broad range of security concerns that continue to develop at pace, the report said, with the threat of data exposure clearly identified as the top security concern among professionals around the world.

Concern over data exposure is linked to new regulations aimed at enhancing data protection around the world, including Europe’s General Data Protection Regulation (GDPR).

The deadline for compliance with the GDPR is 25 May 2018. After that date, organisations found in breach of the regulation face fines of up to €20m or 4% of global turnover, whichever is greater.

The report describes a revolving door of scarce, highly paid workers with an unemployment rate of just 1% in Europe.

Organisations are struggling to retain their staff, with 21% of the global workforce saying they have left their jobs in the past year, and facing high salary costs, with 33% of the workforce in Europe in particular making more than £78,000 ($100,000) a year.

“The combination of virtually non-existent unemployment, a shortage of workers, the expectation of high salaries, and high staff turnover that only increases among younger generations creates both a disincentive to invest in training and development and a conundrum for prospective employers of how to hire and retain talent in such an environment,” the report says.

The report recommends that organisations adapt their approach to recruitment and draw from a broader pool of talent. This is backed by findings that show workers with non-computing-related backgrounds account for nearly one-fifth of the current workforce in Europe and that they hold positions at every level of practice, with 63% at manager level or above.

The report also highlights a mismatch between the skills recruiters are looking for and workers’ priorities for developing a successful career, suggesting skillsets may not be keeping pace with requirements.

Currently, the top two skills workers are prioritising are cloud computing and security (60%) and risk assessment and management (41%), while employers prioritise communication (66%) and analytical skills (59%). Only 25% and 20% of workers are prioritising communication and analytical skills, respectively.

Other recommendations include:

Looking beyond social and professional networks as the main channel of recruitment to open doors for new, younger and more diverse talent.
Accepting the need to invest in development and training because more talent is needed to stem the high levels of movement on job markets.
Better communication of current employer requirements because workers prioritise different skills for their professional development than what employers look for in the workforce.