cyber Security & data protection
The business challenges of Cyber attacks and data protection
The latest Zurich SME Risk Index has found that 16% of British small and medium-sized enterprises (SMEs) suffered a cyber attack in the last 12 months – London businesses the worst hit at 23%.
As for losses, 21% of the affected SMEs said the breach cost them more than £10,000 while 11% reported costs of over £50,000.
There are many types of cyber-attack and their range and complexity is increasing by the hour. Some can be devastating, for example, the recent Petya ransomware attack resulted for companies without adequate cyber defences, in their data becoming encrypted and inaccessible until the payment of a ransom.
The key business challenges can be summarised as having a cyber-attack defence solution to protect your business data and applications, that is constantly updated and monitored for attacks (7 x 24 hours), with preferably the ability to take instant and automatic remedial action.
Another key challenge for businesses, especially SMBs with typically minimal or zero in-house IT resources is how to select a cyber defence solution that meets their business needs and is fit for purpose, and is within their budget. There is a myriad of products and technologies in the market, with competing and overlapping claims to their effectiveness.
Continuous Cyber Defence Solution
A holistic Design and Operations Process
The fundamental principles are that there needs to be a holistic design approach. Cyber security is intrinsically linked to data protection, so it makes sense to consider both.
Investigate the current IT and determine any vulnerabilities:
Investigate and review the current IT infrastructure, applications and operating systems.
We can also provide vulnerability testing for your current system to immediately identify weaknesses.
Determine the security and data protection objectives and requirements of the business:
A major process step is to determine the security and data protection requirements of the business. Some of the requirements relating to data protection may be mandatory and legally required e.g. GDPR.
We analyse and categorise companies' data and applications in terms of security and data protection, audit and archive requirements.
We determine the reporting requirements possibly for internal and/or external regulatory bodies.
We determine the monitoring and alerting requirements possibly making use of dashboards with role based configurations i.e. for security auditor roles.
Design a continuous cyber defence solution:
We design a solution comprising technology, services and processes/procedure. This may require recommendations for replacing IT applications and infrastructure. There is no point in applying a sticking plaster to something that is inherently insecure.
The solution documentation will also present the costs for implementing, maintaining updating and operating the cyber-defence solution.
Also, create end-user documentation including best practices for security, data protection, etc.
Implement the Solution:
The solution is implemented and tested. Possibly including the upgrading and updating, replacing the current IT infrastructure, hardware and software.
Provide End-User Training:
Provide end-user training/education on best practices for password formats, etc.
Operate, Maintain and Monitor:
We operate, maintain and update the solution. We also monitor for attacks and breaches.
We provide a service desk that provides end-users with advice and support.
Cyber Defence Solution Design Objectives
- Multiple rings of defence rather like concentric circles i.e. if one ring of defence is breached, there is another one.
- Defences should be continuously and automatically updated.
- Defences should be continuously monitored for attacks and breaches.
Cyber Defence Solution Features
We design cyber defence and data protection solutions to meet your business requirements. They will be based on advanced technologies utilising AI (Artificial Intelligence) that provide the ability to deal with new attacks and make smart decisions of how to deal with them on a round the clock basis.
- Provide defence against ransomware attacks – files locked and encrypted, released on payment of a ransom.
- Provide protection against virus and phishing attack.
- Maintain passwords, policies and user rights to meet the requirements of the business and the user job roles.
- Secure data on the move / held locally on mobile devices such as tablets and laptops.
key business benefits
The cyber security solution will:
- Provide a single and inclusive bill for IT professional services, subscriptions, etc. Paid for by a predictable subscription fee (monthly / quarterly) based on the number of users.
- Reduce your costs and pay for what you use on a subscription (monthly / quarterly) basis, to provide predictability and flexibility for all or part of an organization, thereby removing the need for unpredictable and expensive IT purchases.
- Improve your IT service quality and security with enterprise-class features including a single point of contact IT-level phone support, financially-backed 99.9% uptime, geo-redundancy, disaster recovery, and robust security and privacy controls and standards.
- Provide access to email, documents, contacts, and calendars on nearly any device with simple and secure collaboration with colleagues and business partners.